COSSAS / dgad
DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
☆40Updated 7 months ago
Alternatives and similar repositories for dgad:
Users that are interested in dgad are comparing it to the libraries listed below
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆34Updated 2 years ago
- A MITRE Caldera plugin☆41Updated 3 months ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆23Updated last year
- Mapping NSM rules to MITRE ATT&CK☆69Updated 4 years ago
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆27Updated 11 months ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Updated 10 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- CyCAT.org API back-end server including crawlers☆30Updated 2 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.☆40Updated 2 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆34Updated 11 months ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆62Updated 11 months ago
- This program generates cyber attack scenarios for use in cyber training exercises, red team planning, blue team planning, automated attac…☆26Updated 3 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆76Updated 2 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix.☆58Updated 4 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- ☆41Updated 2 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground.☆21Updated 11 months ago
- pyJARM is a library for doing JARM fingerprinting using python☆51Updated last month
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Updated last year
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Tweettioc Splunk App☆20Updated 4 years ago
- Cybersecurity Incidents Mind Maps☆33Updated 3 years ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆22Updated 2 weeks ago
- ☆44Updated last year
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆140Updated last year