COSSAS / dgad
DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
☆40Updated 7 months ago
Alternatives and similar repositories for dgad:
Users that are interested in dgad are comparing it to the libraries listed below
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆23Updated last year
- Suricata rule and intel index☆30Updated last week
- Augmentation to Machine Readable CTI☆30Updated 3 weeks ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆34Updated last week
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Updated last year
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆26Updated 2 weeks ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- MITRE Shield website☆19Updated 3 years ago
- Merge of two major cyber adversary datasets, MITRE ATT&CK and ETDA/ThaiCERT Threat Actor Cards, enabling victim/motivation-adversary-tech…☆53Updated 2 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆11Updated 4 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆58Updated 5 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Mapping NSM rules to MITRE ATT&CK☆70Updated 4 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- A tool to assess data quality, built on top of the awesome OSSEM.☆77Updated 2 years ago
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- A home for detection content developed by the delivr.to team☆67Updated last month
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆30Updated last year
- ☆42Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆69Updated 2 months ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆66Updated 11 months ago
- Adversary Emulation Planner☆38Updated 9 months ago
- ☆25Updated last year
- pyJARM is a library for doing JARM fingerprinting using python☆49Updated last week
- Utility for parsing Bro log files into CSV or JSON format☆41Updated 2 years ago