activecm / rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
☆198 · Updated this week
Related projects
Alternatives and complementary repositories for rita
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed. (☆168, updated 4 months ago)
- God Mode Detection Rules (☆131, updated 3 months ago)
- Halberd: Multi-Cloud Attack Tool (☆208, updated this week)
- A collection of companies that disclose adversary TTPs after they have been breached (☆241, updated 6 months ago)
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… (☆161, updated last week)
- This is a collection of threat detection rules / rules engines that I have come across. (☆275, updated 6 months ago)
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. (☆171, updated 2 months ago)
- MISP Playbooks (☆174, updated last month)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆140, updated 2 months ago)
- CLI tools for forensic investigation of Windows artifacts (☆315, updated 2 weeks ago)
- An ADCS honeypot to catch attackers in your internal network. (☆224, updated 4 months ago)
- Rules generated from our investigations. (☆189, updated 3 weeks ago)
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… (☆563, updated 4 months ago)
- Automation tool for Windows Deception Host Burn-In (☆76, updated 4 months ago)
- MITRE Caldera™ for OT Plugins & Capabilities (☆195, updated this week)
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK… (☆161, updated last month)
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… (☆203, updated last year)
- Rapidly Search and Hunt through Linux Forensics Artifacts (☆180, updated 10 months ago)
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C… (☆232, updated 11 months ago)
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … (☆116, updated 4 months ago)
- LotL RMM (☆96, updated this week)
- HASH (HTTP Agnostic Software Honeypot) (☆128, updated 6 months ago)
- 🏴‍☠️💰 Another Ransomware gang tracker (☆157, updated this week)
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… (☆168, updated this week)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆110, updated 7 months ago)
- Awesome list of keywords and artifacts for Threat Hunting sessions (☆471, updated last week)
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … (☆258, updated 9 months ago)
- An open-source self-hosted purple team management web application. (☆241, updated 3 months ago)
- Analyze pcaps with Zeek and a Grafana Dashboard (☆161, updated 5 months ago)