activecm / rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
☆277Updated this week
Alternatives and similar repositories for rita:
Users that are interested in rita are comparing it to the libraries listed below
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆188Updated 9 months ago
- MITRE Caldera™ for OT Plugins & Capabilities☆207Updated 4 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆229Updated 3 weeks ago
- Rapidly Search and Hunt through Linux Forensics Artifacts☆188Updated last year
- Threat Hunting Toolkit is a Swiss Army knife for threat hunting, log processing, and security-focused data science☆137Updated 2 weeks ago
- Rules generated from our investigations.�☆194Updated 3 weeks ago
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated 11 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆238Updated 3 weeks ago
- Tools for simulating threats☆183Updated last year
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.☆193Updated 3 months ago
- MISP Playbooks☆194Updated 2 months ago
- Halberd : Multi-Cloud Attack Platform☆266Updated this week
- This is a collection of threat detection rules / rules engines that I have come across.☆284Updated 11 months ago
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…☆283Updated this week
- An open-source self-hosted purple team management web application.☆267Updated 2 weeks ago
- Mapping of open-source detection rules and atomic tests.☆162Updated 2 months ago
- LotL RMM☆168Updated 3 weeks ago
- DECeption with Evaluative Integrated Validation Engine (DECEIVE): Let an LLM do all the hard honeypot work!☆234Updated 3 weeks ago
- A repository to share publicly available Velociraptor detection content☆154Updated this week
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆167Updated last month
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆150Updated last month
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆132Updated last year
- Awesome list of keywords and artifacts for Threat Hunting sessions☆559Updated last month
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆176Updated 7 months ago
- 🏴☠️💰 Another Ransomware gang tracker☆190Updated last week
- Automated YARA Rule Standardization and Quality Assurance Tool☆205Updated last week
- Purple Team Exercise Framework☆693Updated last year
- God Mode Detection Rules☆134Updated 8 months ago
- CLI tools for forensic investigation of Windows artifacts☆327Updated 5 months ago
- An opensource sigma conversion tool built using pysigma☆122Updated 3 months ago