COSSAS / dgadLinks
DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
☆43Updated last year
Alternatives and similar repositories for dgad
Users that are interested in dgad are comparing it to the libraries listed below
Sorting:
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆36Updated 2 months ago
- pyJARM is a library for doing JARM fingerprinting using python☆50Updated 4 months ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream☆12Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆79Updated last month
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆55Updated 4 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆156Updated 4 months ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Updated 3 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 3 years ago
- Website crawler with YARA detection☆88Updated last year
- ☆42Updated 3 weeks ago
- ☆43Updated 2 years ago
- This repository hosts community contributed Kestrel analytics☆17Updated last year
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆30Updated 3 weeks ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆55Updated 2 weeks ago
- Import Mitre Att&ck into Neo4j database☆37Updated 2 years ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆140Updated 2 years ago
- ☆28Updated 4 years ago
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆25Updated last year
- Automated detection rule analysis utility☆29Updated 2 years ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 3 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆14Updated last year
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆33Updated last year
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Updated last year
- Active C2 IoCs☆99Updated 2 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.☆24Updated last year
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆33Updated 8 months ago