staaldraad / fastfluxanalysis
Scripts to detect Fast-Flux and DGA using DNS query responses
☆42Updated 7 years ago
Alternatives and similar repositories for fastfluxanalysis:
Users that are interested in fastfluxanalysis are comparing it to the libraries listed below
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- Passive DNS V2☆61Updated 11 years ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆44Updated 5 years ago
- Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching☆33Updated 8 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- A Docker container for Moloch based on minimal Debian☆26Updated 9 years ago
- A tool to generate Snort rules based on public IP reputation data☆56Updated 11 years ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps.☆15Updated 7 years ago
- Network sinkhole for isolated malware analysis☆40Updated 7 years ago
- Golang based web service to scan files with yara rules☆27Updated 7 years ago
- The plugin repository for Honeycomb, the honeypot framework by Cymmetria☆26Updated last year
- ☆14Updated 11 months ago
- intel amt honeypot☆18Updated 7 years ago
- Find permanent WMI event consumers on endpoints that could be used by APT actors.☆17Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- Ender of Fast-Flux malicious domains.☆26Updated 10 years ago
- Check IOC provided by a MISP instance on Suricata events☆17Updated 5 years ago
- Detect kerberos attacks in pcap files☆28Updated 9 years ago
- Bro IDS + ELK Stack to detect and block data exfiltration☆46Updated 6 years ago
- Based on the Volatility framework, this script will run various plugins as well as create a timeline, or use YARA/ClamAV/VirusTotal to fi…☆49Updated 7 years ago
- Alienvault Labs Projects Random Stuff☆79Updated 11 years ago
- ☆19Updated 6 years ago
- IoC's, PCRE's, YARA's etc☆23Updated last week
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- ☆10Updated 9 years ago
- Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers☆71Updated 8 years ago
- Python tool and library to help analyze files during malware triage and analysis.☆78Updated 4 years ago
- Normalizer for honeypot data.☆45Updated 9 years ago