COSSAS / dgadLinks
DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
☆42Updated 10 months ago
Alternatives and similar repositories for dgad
Users that are interested in dgad are comparing it to the libraries listed below
Sorting:
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- ☆43Updated 2 years ago
- pyJARM is a library for doing JARM fingerprinting using python☆50Updated 3 months ago
- Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively☆34Updated 2 months ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆25Updated last year
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated 2 years ago
- Import Mitre Att&ck into Neo4j database☆36Updated 2 years ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Updated last year
- This repository hosts community contributed Kestrel analytics☆17Updated last year
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆72Updated last week
- Suricata rule and intel index☆31Updated 3 months ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆35Updated 3 weeks ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- A MITRE Caldera plugin☆43Updated 7 months ago
- Active C2 IoCs☆99Updated 2 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- This program generates cyber attack scenarios for use in cyber training exercises, red team planning, blue team planning, automated attac…☆27Updated 4 years ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆65Updated last year
- The project will serve as a central repository for VMware Threat Analysis Unit (TAU) to share threat intelligence with the security commu…☆17Updated 2 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆11Updated 4 years ago
- Tweettioc Splunk App☆20Updated 4 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆59Updated 5 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆33Updated last year
- Graph Representation of MITRE ATT&CK's CTI data☆48Updated 5 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- A Self-Contained Open-Source Cyberattack Experimentation Testbed☆41Updated 3 weeks ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- ☆42Updated last year
- A tool to assess data quality, built on top of the awesome OSSEM.☆78Updated 2 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 3 years ago