COSSAS / dgad
DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
☆41Updated 8 months ago
Alternatives and similar repositories for dgad:
Users that are interested in dgad are comparing it to the libraries listed below
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- ☆43Updated 2 years ago
- pyJARM is a library for doing JARM fingerprinting using python☆49Updated last month
- This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…☆24Updated last year
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated last week
- ☆25Updated last year
- Mapping NSM rules to MITRE ATT&CK☆71Updated 4 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆34Updated 3 weeks ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆63Updated last year
- ☆27Updated 4 years ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing☆16Updated last year
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆33Updated last year
- This repository hosts community contributed Kestrel analytics☆17Updated 10 months ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…☆26Updated this week
- ☆45Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- ☆41Updated last year
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API☆53Updated 2 weeks ago
- MITRE Shield website☆19Updated 3 years ago
- A MITRE Caldera plugin☆43Updated 5 months ago
- Suricata rule and intel index☆30Updated 3 weeks ago
- Augmentation to Machine Readable CTI☆31Updated last month
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 3 years ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.☆29Updated last year
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆28Updated this week