akamai / luda
Malicious actors often reuse code to deploy their malware, phishing websites or CNC servers. As a result, similarities can be found in URL paths by inspecting internet traffic. Moreover, deep learning models, or even regular ML models, are not suited to inline deployment because of their runtime performance. However, regexes (or YARA rules) can be deployed …
☆74 Updated last year
Related projects
Alternatives and complementary repositories for luda
- ☆42 Updated last year
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine. ☆76 Updated 2 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups ☆57 Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet. ☆65 Updated 2 years ago
- ☆68 Updated 3 years ago
- Active C2 IoCs ☆96 Updated last year
- Repository of resources for configuring a Red Team SIEM using Elastic ☆98 Updated 6 years ago
- nse script to inject jndi payloads ☆45 Updated 2 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure ☆93 Updated 5 years ago
- Valhalla API Client ☆63 Updated last year
- A forensic evidence acquirer ☆85 Updated 3 years ago
- vPrioritizer enables us to understand the contextualized risk (vPRisk) on asset-vulnerability relationship level across the organization,… ☆68 Updated 3 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix ☆72 Updated 2 years ago
- Static code analysis tool based on Elasticsearch ☆130 Updated 3 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆144 Updated last year
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation ☆104 Updated 2 years ago
- Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions ☆97 Updated last year
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator ☆84 Updated last year
- A list of JARM hashes for different ssl implementations used by some C2/red team tools. ☆135 Updated last year
- Automated detection rule analysis utility ☆29 Updated 2 years ago
- ☆41 Updated 7 months ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an… ☆141 Updated last year
- Collaborative pentest tool with highly customizable tools ☆71 Updated 2 years ago
- ☆68 Updated last year
- A CALDERA plugin ☆65 Updated 8 months ago
- Automatic detection engineering technical state compliance ☆50 Updated 4 months ago
- A simple command line program to help defenders test their detections for network beacon patterns and domain fronting ☆65 Updated 2 years ago
- Further investigation into APT campaigns disclosed by private security firms and security agencies ☆80 Updated 2 years ago
- A Pythonic interface and command line tool for interacting with the InQuest Labs API. ☆34 Updated last year