1computerguy / tls-mal-detect
Using machine learning to detect malware in encrypted TLS traffic metadata
☆17Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for tls-mal-detect
- A Zeek script to generate features based on timing, volume and metadata for traffic classification.☆53Updated 4 years ago
- A completely automated anomaly detector Zeek network flows files (conn.log).☆74Updated 3 months ago
- nPrint provides a generalizable data representation for network packets that works directly with machine learning techniques☆103Updated 2 years ago
- Pcap-splitter allows you to split a pcap file into subsets of pcap files based on sessions, flows, ip addresses, number of bytes, number …☆65Updated 5 years ago
- ☆19Updated 3 years ago
- Official ID2T repository. ID2T creates labeled IT network datasets that contain user defined synthetic attacks.☆58Updated last year
- DoHlyzer is a DNS over HTTPS (DoH) traffic flow generator and analyzer for anomaly detection and characterization.☆59Updated last year
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆116Updated last year
- Repository of creating different example suricata data sets☆32Updated 5 years ago
- ☆44Updated 6 years ago
- ☆96Updated 4 years ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic☆38Updated 3 months ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆61Updated 2 years ago
- Download pcap files from http://www.malware-traffic-analysis.net/☆73Updated 6 years ago
- ICS Cybersecurity PCAP respository☆49Updated 5 years ago
- The report of a supervised classifier to detect malware in TLS traffic☆19Updated 5 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆132Updated 4 years ago
- zeek-scripts☆41Updated 5 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆144Updated 8 months ago
- Utility for parsing Bro log files into CSV or JSON format☆41Updated last year
- ☆24Updated last year
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- pcapML standardizes network traffic analysis datasets by directly encoding metadata information into raw traffic captures☆26Updated 2 years ago
- Zeek Training Materials/Products☆35Updated last month
- Machine-learning-based intrusion detection☆32Updated 6 years ago
- Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively☆22Updated 3 years ago
- A curated dataset of malware and benign Windows executable samples for malware researchers☆39Updated last month
- The Security Analyst’s Guide to Suricata☆52Updated 5 months ago