abzcoding / aptdetectorLinks
Advanced Persistent Threat Detection Using Network Analysis
☆23Updated 6 years ago
Alternatives and similar repositories for aptdetector
Users that are interested in aptdetector are comparing it to the libraries listed below
Sorting:
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆103Updated 6 months ago
- A map displaying threat actors from the misp-galaxy☆33Updated 2 years ago
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research☆12Updated 8 years ago
- Repository of all the sites related to infosec IP/Domain/Hash/SSL/etc OSINT and eventually will include more.☆69Updated 2 months ago
- A web-based tool to assist the work of the intuitive threat analysts.☆114Updated 6 years ago
- Malware/IOC ingestion and processing engine☆108Updated 7 years ago
- CARET - A tool for viewing cyber analytic relationships☆55Updated 5 years ago
- ☆35Updated 4 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆44Updated 8 years ago
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…☆41Updated 6 years ago
- Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and s…☆19Updated this week
- HoneyDB Python Module☆14Updated last year
- Home to the ActorTrackr source code☆30Updated 8 years ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆44Updated 4 years ago
- Hunting IOCs all day every day...☆87Updated 2 years ago
- Client API to query any Passive DNS implementation following the Passive DNS - Common Output Format.☆82Updated last month
- Checkpot Honeypot Checker☆46Updated 6 years ago
- Mapping NSM rules to MITRE ATT&CK☆73Updated 5 years ago
- Semi-Intelligent HoneyPot Network - Semi-Intelligent Reactive Environment Network☆15Updated 7 years ago
- Malware Sinkhole List in various formats☆103Updated 3 years ago
- brostash: Linux distribution based on Debian and focusing on network security events collection☆33Updated 5 years ago
- Proactive Computer Network Defense Strategy - OSINT Real Time Threat Stream - Social/DarkNet - Data Mining☆31Updated 13 years ago
- Providing timelines based on OSINT Reports☆31Updated 2 years ago
- Utility for parsing Bro log files into CSV or JSON format☆42Updated 2 years ago
- A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).☆65Updated 6 years ago
- Graph Representation of MITRE ATT&CK's CTI data☆50Updated 6 years ago
- The Fastest way to consume Threat Intel☆26Updated 3 years ago
- DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text fil…☆80Updated last year
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆45Updated 6 years ago
- Centralize Management of Intrusion Detection System like Suricata Bro Ossec ...☆71Updated 6 years ago