akamai / luda
Malicious actors often reuse code to deploy their malware, phishing websites or CNC servers. As a result, similarities can be found in URL paths by inspecting internet traffic. Moreover, deep learning models, or even regular ML models, are not suited to inline deployment in terms of runtime performance. However, regexes (or YARA rules) can be deployed …
☆75 · Updated last year
Alternatives and similar repositories for luda:
Users that are interested in luda are comparing it to the libraries listed below
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups ☆60 · Updated 2 years ago
- NSE script to inject jndi payloads ☆46 · Updated 3 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure ☆95 · Updated 5 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet. ☆65 · Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆76 · Updated 3 years ago
- Threat Mapping Catalogue ☆17 · Updated 3 years ago
- A simple command line program to help defenders test their detections for network beacon patterns and domain fronting ☆69 · Updated 3 years ago
- Active C2 IoCs ☆99 · Updated 2 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac… ☆95 · Updated 3 years ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation ☆106 · Updated 2 years ago
- This repository aims to collect and document indicators from the different C2s listed in the C2-Matrix ☆72 · Updated 3 years ago
- Automated detection rule analysis utility ☆29 · Updated 2 years ago
- Tool to read EVTX files including SYSMON and convert to JSON, MISP Objects and Graph stream ☆11 · Updated 4 years ago
- Carbon Black Response IR tool ☆53 · Updated 4 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances… ☆64 · Updated last year
- ATT&CK Evaluations website (DEPRECATED) ☆59 · Updated 4 years ago
- A list of JARM hashes for different SSL implementations used by some C2/red team tools. ☆140 · Updated 2 years ago
- A list of IOCs applicable to PoshC2 ☆24 · Updated 4 years ago
- Cybersecurity Incidents Mind Maps ☆33 · Updated 3 years ago
- Blue Pigeon is a Bluetooth-based data exfiltration and proxy tool to enable communication between a remote Command and Control (C2) serve… ☆54 · Updated 3 years ago
- A forensic evidence acquirer ☆86 · Updated 4 years ago
- Data exfiltration utility for testing detection capabilities ☆57 · Updated 3 years ago
- A honeypot for the Log4Shell vulnerability (CVE-2021-44228). ☆92 · Updated 5 months ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an… ☆142 · Updated last year
- Slides and materials for conference presentations ☆11 · Updated last year