Pulled Pork – Suricata & Snort Rule Management

Keep on Guard!


Pulled Pork is a PERL based tool for Suricata and Snort rule management – it can determine your version of Snort and automatically download the latest rules for you.

Pulled Pork - Suricata & Snort Rule Management

The name was chosen because simply speaking, it Pulls the rules. Using a regular crontab you can keep your Snort or Suricata rules up to date automatically.

Features and Capabilities

Pulledpork 0.7.2 has been tested and works with Snort 2.9.8.3/Suricata 3.1.3 and the Snort Registered rules/ETOpen/ETPro rulesets.

  • Automated downloading, parsing, state modification and rule modification for all of your snort rulesets.
  • Checksum verification for all major rule downloads
  • Automatic generation of updated sid-msg.map file
  • Capability to include your local.rules in sid-msg.map file
  • Capability to pull rules tarballs from custom urls
  • Complete Shared Object support
  • Complete IP Reputation List support
  • Capability to download multiple disparate rulesets at once
  • Maintains accurate changelog
  • Capability to HUP processes after rules download and process
  • Aids in tuning of rulesets
  • Verbose output so that you know EXACTLY what is happening
  • Minimal Perl Module dependencies
  • Support for Suricata, and ETOpen/ETPro rulesets

Usage

You can download Pulled Pork here:

pulledpork-v0.7.2.zip

Or read more here.

Posted in: Countermeasures, Networking Hacking, Security Software

,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


Comments are closed.