activecm / rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
☆298 Updated last week
Alternatives and similar repositories for rita
Users that are interested in rita are comparing it to the libraries listed below
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed. ☆190 Updated 11 months ago
- MITRE Caldera™ for OT Plugins & Capabilities ☆212 Updated 6 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … ☆254 Updated last month
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆253 Updated 2 months ago
- Tools for simulating threats ☆185 Updated last year
- Halberd: Multi-Cloud Attack Tool ☆278 Updated 3 weeks ago
- Rapidly Search and Hunt through Linux Forensics Artifacts ☆192 Updated last year
- An index of publicly available and open-source threat detection rulesets. ☆112 Updated last month
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… ☆170 Updated last week
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆575 Updated last month
- Rules generated from our investigations. ☆195 Updated this week
- LotL RMM ☆196 Updated 2 weeks ago
- Mapping of open-source detection rules and atomic tests. ☆165 Updated 4 months ago
- MISP Playbooks ☆201 Updated 3 months ago
- Automated YARA Rule Standardization and Quality Assurance Tool ☆221 Updated last week
- A collection of files with indicators supporting social media posts from Palo Alto Networks' Unit 42 team to disseminate timely threat in… ☆310 Updated this week
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science ☆141 Updated last month
- This is a collection of threat detection rules / rules engines that I have come across. ☆290 Updated last year
- A collection of companies that disclose adversary TTPs after they have been breached ☆243 Updated last year
- A security analysis tool that identifies DNS queries made by browser extensions, empowering security teams to detect and investigate susp… ☆164 Updated 3 months ago
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work! ☆245 Updated this week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. ☆154 Updated 3 months ago
- An open-source self-hosted purple team management web application. ☆271 Updated 3 weeks ago
- Documentation and scripts to properly enable Windows event logs. ☆613 Updated last year
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… ☆212 Updated last week
- A repository to share publicly available Velociraptor detection content ☆170 Updated this week
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs ☆716 Updated last month
- Open Source Security Operations Center Documentation ☆186 Updated 3 weeks ago
- God Mode Detection Rules ☆134 Updated 9 months ago
- Sigma rule specification ☆134 Updated 2 months ago