apauna / RASSH
RASSH – Reinforced Adaptive SSH Honeypot. This is a project developed for my PhD Thesis and the target is to create an Adaptive Honeypot capable of interacting with attackers using Reinforcement Learning. The code is written in Python and it uses the Kippo SSH Honeypot as reference (source) to create an emulated SSH server that interacts with t…
☆10 Updated 5 years ago
Alternatives and similar repositories for RASSH:
Users that are interested in RASSH are comparing it to the libraries listed below
- An adaptive honeypot using a reinforcement learning implementation, to learn from interactions from automated malware attacks ☆21 Updated 6 years ago
- The IoT honeypot (Master's Thesis) ☆8 Updated 5 years ago
- Go implementation of the Community ID flow hashing standard ☆20 Updated last week
- ☆12 Updated 7 years ago
- Growing collection of Spicy-based protocol and file analyzers for Zeek ☆31 Updated 7 months ago
- Zeek scripts that provide an alternative log file logging TLS/SSL traffic ☆10 Updated 3 years ago
- Import Mitre Att&ck into Neo4j database ☆35 Updated 2 years ago
- How to Zeek Sysmon Logs! ☆101 Updated 3 years ago
- Automatically collects the known CVE and its corresponding Poc, and sends it to the LLM for analysis, disassembles the attack steps, gene… ☆18 Updated 9 months ago
- Yara powered NIDS with high speed packet capture powered by PF_RING ☆69 Updated 11 months ago
- DGA Detective - Hunt domains generated by Domain Generation Algorithms to identify malware traffic ☆41 Updated 8 months ago
- This is a project of "Cybersecurity Event Detection with New and Re-emerging Words". (ASIACCS 2020) ☆28 Updated last year
- High fidelity JA3 & JA3S combinations for known botnets and alike ☆11 Updated 6 years ago
- Globally distributed honeypots and HoneyNets IOCs and file reversing ☆16 Updated last year
- A Zeek package for the passive detection of "Ripple20" vulnerabilities in the Treck TCP/IP stack. ☆33 Updated 2 years ago
- High Interaction Honeypot Solution for Redis protocol ☆24 Updated 4 years ago
- This tool maps a file's behavior on MITRE ATT&CK matrix. ☆58 Updated 5 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses ☆43 Updated 7 years ago
- ssdeep cluster analysis for malware files ☆30 Updated 4 years ago
- Quickly generate suricata rules for IOCs ☆29 Updated 3 years ago
- This is an open source Snort rules repository ☆30 Updated 2 years ago
- Mapping NSM rules to MITRE ATT&CK ☆71 Updated 4 years ago
- We implement IoTPOT, a novel honeypot to emulate Telnet services of various IoT devices to analyze ongoing attacks in depth. IoTPOT consi… ☆27 Updated 9 years ago
- Repository collecting and automagically processing public threat intelligence reports. ☆18 Updated 4 years ago
- Is this IP a C2 server? ☆28 Updated 5 years ago
- Zeek plugin to generate data on per-packet sizes and intervals ☆14 Updated 5 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith) ☆101 Updated 3 years ago
- Advanced Persistent Threat Detection Using Network Analysis ☆22 Updated 6 years ago
- a database that collects data related to APTs from existing public sources through a semi automatic methodology and produces an exhaustiv… ☆15 Updated 2 years ago
- Data sets and examples for Jask Labs Blackhat 2017 Handout: Top 10 Machine Learning Cyber Security Use Cases ☆31 Updated 7 years ago