staaldraad / fastfluxanalysis
Scripts to detect Fast-Flux and DGA using DNS query responses
☆43Updated 7 years ago
Alternatives and similar repositories for fastfluxanalysis:
Users that are interested in fastfluxanalysis are comparing it to the libraries listed below
- IDS Utility Belt For Automating/Testing Various Things☆30Updated 4 years ago
- Passive DNS V2☆61Updated 11 years ago
- Command-line Interface for Binar.ly☆37Updated 8 years ago
- My personal experience in Threat Hunting and knowledge gained so far.☆19Updated 7 years ago
- Honeypot log processor to create OTX Pulse entries☆28Updated last year
- ☆16Updated 10 years ago
- ☆22Updated 7 years ago
- Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research☆53Updated 7 years ago
- Exfiltration Framework - Exfiltration modeling tool written in Python. Naisho attempts to avoid detection from DLP, IPS/IDS egress filter…☆38Updated 10 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Updated 8 years ago
- Remote timing attack exploit against most Zeus/Zbot variants including Citadel, Ice9, Zeus 2.3, KINS/ZeusVM etc..☆24Updated 9 years ago
- FastIR Agent is a Windows service to execute FastIR Collector on demand☆14Updated 8 years ago
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 5 years ago
- Python scripts to parse scans.io ssl data and ingest into elasticsearch for searching☆33Updated 8 years ago
- Spam Honeypot with Intelligent Virtual Analyzer☆9Updated 9 years ago
- Historical Observations of Actionable Reputation Data☆13Updated 6 years ago
- Last download from git://git.carnivore.it/honeytrap.git of Honytrap by Tillmann Werner☆43Updated 3 years ago
- Normalizer for honeypot data.☆45Updated 9 years ago
- Malice Yara Plugin☆30Updated 5 years ago
- A Burp Suite extension that starts scanning on requests it sees, and dumps results on standard output☆21Updated 8 years ago
- ☆19Updated 6 years ago
- Basic gui to run and display nmap scan results. Just a POC so far.☆31Updated 11 years ago
- JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox☆45Updated 5 years ago
- An ICAP Server with yara scanner for URL and content.☆59Updated 4 months ago
- Struts Apache 2 based honeypot as well as a detection module for Apache 2 servers☆71Updated 8 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Updated 9 years ago
- Ender of Fast-Flux malicious domains.☆27Updated 10 years ago
- Automation for VirusTotal☆31Updated 8 years ago
- This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.☆12Updated 8 years ago
- Passive DNS visualization and Passive DNS server toolkit☆35Updated 13 years ago