activecm / rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
☆242, updated this week
Alternatives and similar repositories for rita:
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed. (☆182, updated 7 months ago)
- MITRE Caldera™ for OT Plugins & Capabilities (☆203, updated 3 months ago)
- A collection of companies that disclose adversary TTPs after they have been breached (☆244, updated 9 months ago)
- God Mode Detection Rules (☆134, updated 6 months ago)
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … (☆121, updated 7 months ago)
- An open-source self-hosted purple team management web application. (☆255, updated last month)
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… (☆223, updated last year)
- CLI tools for forensic investigation of Windows artifacts (☆325, updated 3 months ago)
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… (☆167, updated this week)
- Rapidly Search and Hunt through Linux Forensics Artifacts (☆189, updated last year)
- Awesome list of keywords and artifacts for Threat Hunting sessions (☆522, updated this week)
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… (☆146, updated 5 months ago)
- Mapping of open-source detection rules and atomic tests. (☆125, updated last month)
- 🏴☠️💰 Another Ransomware gang tracker (☆177, updated this week)
- This is a collection of threat detection rules / rules engines that I have come across. (☆281, updated 9 months ago)
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters … (☆182, updated 2 weeks ago)
- Repository of attack and defensive information for Business Email Compromise investigations (☆246, updated 2 weeks ago)
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. (☆191, updated last month)
- Tools for simulating threats (☆181, updated last year)
- Rules generated from our investigations. (☆193, updated 3 months ago)
- MISP Playbooks (☆184, updated last week)
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) (☆168, updated 5 months ago)
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. (☆140, updated this week)
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… (☆637, updated 3 weeks ago)
- An offensive data enrichment pipeline (☆659, updated 2 weeks ago)
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C… (☆249, updated last year)
- Halberd: Multi-Cloud Attack Platform (☆248, updated 2 weeks ago)
- Purpleteam scripts simulation & Detection - trigger events for SOC detections (☆177, updated 2 months ago)
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques (☆131, updated 11 months ago)