nccgroup / JA3_outlier
Incremental Machine Learning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes
☆16 · Aug 10, 2022 · Updated 3 years ago
Alternatives and similar repositories for JA3_outlier
Users that are interested in JA3_outlier are comparing it to the libraries listed below
- Threat Detection Rules (Snort/Sigma/Yara) ☆14 · Jan 23, 2024 · Updated 2 years ago
- visually see issues with supported cipher suites ☆17 · Jun 18, 2024 · Updated last year
- ☆18 · Jun 8, 2018 · Updated 7 years ago
- Python bindings for https://github.com/omerbenamram/mft ☆23 · Dec 23, 2025 · Updated last month
- ☆16 · Mar 16, 2021 · Updated 4 years ago
- This repository hosts community contributed Kestrel analytics ☆18 · May 28, 2024 · Updated last year
- Presentation materials for talks I've given. ☆20 · Oct 14, 2019 · Updated 6 years ago
- Threat Box Assessment Tool ☆19 · Aug 15, 2021 · Updated 4 years ago
- A few quick recipes for those that do not have much time during the day ☆22 · Oct 28, 2024 · Updated last year
- PyCommand Scripts for Immunity Debugger ☆37 · Jun 21, 2014 · Updated 11 years ago
- Standardized Malware Analysis Tool ☆56 · Mar 9, 2021 · Updated 4 years ago
- CSIRT Jump Bag ☆27 · Apr 25, 2024 · Updated last year
- A triage data collection script for macOS ☆28 · Nov 27, 2020 · Updated 5 years ago
- ARDvark parses the Apple Remote Desktop (ARD) files to pull out application usage, user activity, and filesystem listings. ☆36 · Jun 1, 2023 · Updated 2 years ago
- ☆33 · Feb 26, 2022 · Updated 3 years ago
- Windows Security Logging ☆43 · Jul 17, 2022 · Updated 3 years ago
- Official implementation for the paper "On deceiving malware classification with section injection" ☆36 · Aug 16, 2022 · Updated 3 years ago
- Simulates a compromise in a cloud and container environment ☆33 · Dec 18, 2024 · Updated last year
- Scripts to integrate DFIR-IRIS, MISP and TimeSketch ☆34 · Feb 2, 2022 · Updated 4 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆36 · Jul 11, 2023 · Updated 2 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. ☆207 · Jul 21, 2022 · Updated 3 years ago
- Bluehat 2018 Graphs for Security Workshop ☆42 · Sep 29, 2018 · Updated 7 years ago
- A parser for Unified logging tracev3 files ☆97 · Jul 25, 2025 · Updated 6 months ago
- This repository contains numerous small utility packages. These packages serve various useful purposes and are written in nano ESModule w… ☆10 · Jan 29, 2026 · Updated 2 weeks ago
- Powered by AI, BlinkID C SDK enables scanning, data extraction and OCR of various identity documents and passports. ☆10 · May 5, 2022 · Updated 3 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt ☆40 · Jun 20, 2023 · Updated 2 years ago
- Asset inventory of over 800 public bug bounty programs. ☆12 · Jun 12, 2023 · Updated 2 years ago
- Enjoy Soundcloud without the need for a Pro account. ☆18 · Jan 16, 2019 · Updated 7 years ago
- Latest version of GoFFish Distributed Graph Processing Platforms ☆12 · Apr 30, 2018 · Updated 7 years ago
- Network Shredder IDS ☆11 · Aug 14, 2024 · Updated last year
- morphHTA - Morphing Cobalt Strike's evil.HTA ☆10 · Jun 3, 2017 · Updated 8 years ago
- Sample SecOps scripts and Utilities ☆12 · Jun 19, 2024 · Updated last year
- Modern Honey Network deployment with ansible ☆12 · Jun 4, 2022 · Updated 3 years ago
- Logs the IP address (IPv4) of the device present on LAN and performs OS guessing. ☆10 · Apr 24, 2022 · Updated 3 years ago
- Library of threat hunts to get any user started! ☆48 · Sep 4, 2020 · Updated 5 years ago
- A dockerized, improved version of the Impacket smbserver.py ☆39 · Jun 27, 2019 · Updated 6 years ago
- Read any ArchWiki page directly in Obsidian ☆10 · Sep 6, 2023 · Updated 2 years ago
- Interactsh deployment to AWS EC2 Instance with Terraform ☆11 · Dec 29, 2021 · Updated 4 years ago
- Puppet Guide ☆10 · Jan 2, 2022 · Updated 4 years ago