akamai / luda
Malicious actors often reuse code to deploy their malware, phishing website or CNC server. As a result, similiaries can be found on URLs path by inspecting internet traffic. Moreover, deep learning models or even regular ML model do not fit for inline deployment in terms of running performance. However, regexes ( or YARA rules ) can be deployed …
☆75Updated last year
Alternatives and similar repositories for luda:
Users that are interested in luda are comparing it to the libraries listed below
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆65Updated 2 years ago
- nse script to inject jndi payloads☆46Updated 3 years ago
- ☆69Updated 3 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆94Updated 5 years ago
- ☆42Updated 2 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- vPrioritizer enables us to understand the contextualized risk (vPRisk) on asset-vulnerability relationship level across the organization,…☆68Updated 3 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆59Updated 2 years ago
- ☆41Updated 11 months ago
- Active C2 IoCs☆98Updated 2 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 2 years ago
- HoneyCreds network credential injection to detect responder and other network poisoners.☆216Updated 3 years ago
- ☆28Updated 2 months ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated last year
- Kerberos laboratory to better understand and then detecting attack on kerberos☆69Updated 3 years ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆113Updated 3 years ago
- Cybersecurity Incidents Mind Maps☆33Updated 3 years ago
- Automatic detection engineering technical state compliance☆55Updated 8 months ago
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆111Updated 2 years ago
- Repository of resources for configuring a Red Team SIEM using Elastic☆100Updated 6 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- ☆44Updated last year
- The Fastest way to consume Threat Intel☆25Updated 2 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an�…☆141Updated last year
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- Picus Labs☆44Updated 4 years ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆25Updated 3 years ago