COSSAS / dgad
DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic
☆45 · Updated last year
Alternatives and similar repositories for dgad
Users that are interested in dgad are comparing it to the libraries listed below
- pyJARM is a library for doing JARM fingerprinting using Python ☆50 · Updated 6 months ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for… ☆37 · Updated 3 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE… ☆37 · Updated 4 months ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au… ☆79 · Updated 3 months ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek. ☆158 · Updated 6 months ago
- Further investigation into APT campaigns disclosed by private security firms and security agencies ☆87 · Updated 3 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream ☆12 · Updated 4 years ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆40 · Updated 5 months ago
- ☆43 · Updated 2 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents. ☆27 · Updated 3 years ago
- ☆33 · Updated last week
- Threat Detection & Anomaly Detection rules for popular open-source components ☆53 · Updated 3 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… ☆62 · Updated last year
- ☆44 · Updated 3 months ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools. ☆144 · Updated 2 years ago
- Website crawler with YARA detection ☆90 · Updated 2 years ago
- Active C2 IoCs ☆99 · Updated 2 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator ☆87 · Updated 2 years ago
- This repository hosts community contributed Kestrel analytics ☆18 · Updated last year
- A MITRE Caldera plugin ☆46 · Updated this week
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements. ☆66 · Updated last year
- ☆28 · Updated 4 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1 ☆33 · Updated 2 years ago
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground. ☆32 · Updated last year
- CyCAT.org API back-end server including crawlers ☆29 · Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK ☆72 · Updated 5 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c… ☆42 · Updated last year
- Import specific data sources into the Sigma generic and open signature format. ☆78 · Updated 3 years ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin… ☆126 · Updated 6 months ago
- ☆53 · Updated 3 years ago