Active Countermeasures (@activecm)
  • Stars: 3,696
  • Global Org. Rank 5,911 (Top 2 %)
  • Registered about 8 years ago
  • Most used languages: Python 29.4 %, Go 29.4 %, Shell 29.4 %, C++ 5.9 %, HTML 2.9 %, Zeek 2.9 %

Top repositories

1. rita-legacy (Go, 2,500 stars): Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
2. BeaKer (Shell, 281 stars): Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
3. passer (Python, 240 stars): Passive service locator, a python sniffer that identifies servers, clients, names and much more
4. threat-tools (Python, 166 stars): Tools for simulating threats
5. rita (Go, 97 stars): Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
6. threat-hunting-labs (HTML, 73 stars): Collection of walkthroughs on various threat hunting techniques
7. espy (Go, 66 stars): Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
8. docker-zeek (Shell, 44 stars): Run zeek with zeekctl in docker
9. smudge (Python, 42 stars): Passive OS detection based on SYN packets without transmitting any data
10. pcap-stats (Python, 25 stars): Learn about a network from a pcap file or reading from an interface
11. bro-install (Shell, 19 stars): An Installation Script for Bro IDS on Debian Based Systems
12. zcutter (Python, 17 stars): Extracts fields from zeek logs, compatible with zeek-cut
13. devprof (Python, 16 stars): Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
14. sniffer-template (Python, 15 stars): Template for building a packet sniffer
15. zeek-open-connections (Zeek, 12 stars)
16. ipfix-rita (Go, 10 stars): Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis
17. rita-bl (Go, 8 stars): Real Intelligence Threat Analytics -- Blacklist Database
18. mongo-diff (Python, 8 stars): A Python script for diff'ing mongo databases
19. zeekcfg (Go, 6 stars): A node.cfg generator for zeekctl
20. zeek-log-transport (Shell, 5 stars): This script ships logs from Zeek to AC-Hunter
21. pi_show (Python, 5 stars): Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat
22. shell-lib (Shell, 5 stars): Shell Scripts Used Across ActiveCM Projects
23. certificate-issues (Shell, 5 stars): Identifies certificate problems from Zeek ssl log files
24. pi_project_installer (Shell, 5 stars): A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian
25. rita-blacklist (Go, 5 stars): Real Intelligence Threat Analytics -- Blacklist Database
26. mgosec (Go, 4 stars): A Small Helper Library For Securing MongoDB Connections with Golang
27. bro-rita (C++, 3 stars): A bro plugin for writing log data to MongoDB for use with RITA
28. safelist-tools (Go, 3 stars): Tools for working with the safelist (formerly whitelist)
29. docker-ca (Shell, 2 stars): A Docker Image For OpenSSL Certificate Authorities (For Testing)
30. pcap-resources (2 stars): Support files and tools for pcap analysis and packet capture
31. zeek-log-clean (Shell, 2 stars): Delete Zeek log files until disk usage is under a given threshold
32. save_json_stream (Python, 1 star): JSON TCP stream importer for RITA and AC-Hunter
33. DBTest (Go, 1 star): Managed Integration Testing Dependencies via Docker for Go
34. bro-rita-test (Shell, 1 star): Compares bro-rita against rita's built in parsing
35. bro-mongodb (C++, 1 star)
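Two themes run through this list: pulling named columns out of Zeek's TSV logs (what zcutter and zeek-cut do) and flagging hosts whose connections recur on a suspiciously regular schedule, the command-and-control beaconing that RITA looks for in conn.log. The Python below is an added illustration of both, written for this page; it is not code from RITA, zcutter or any Active Countermeasures repository. The conn.log content is constructed, and the regularity score (coefficient of variation of the gaps between successive connections, with an assumed 0.15 threshold and an 8-connection minimum) is a deliberate simplification chosen here, not RITA's scoring.

```python
"""Zeek conn.log field extraction and a simple beacon-regularity check.

Illustrative code for this page, not RITA's or zcutter's. Parses Zeek's TSV
format by its #fields header (as zeek-cut does) and scores each source/
destination pair by how regular its connection intervals are.
"""
import statistics
from collections import defaultdict

# --- Constructed sample conn.log (not captured traffic) -----------------
# 10.0.0.5 -> 203.0.113.9 connects every ~60 s with small jitter (beacon-like).
# 10.0.0.7 -> 198.51.100.2 is irregular, browsing-like traffic with unset fields.
_HEADER = [
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\tconn",
    "#open\t2024-01-01-00-00-00",
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tduration\torig_bytes\tresp_bytes",
    "#types\ttime\tstring\taddr\tport\taddr\tport\tenum\tinterval\tcount\tcount",
]
_BASE = 1704067200.0
_BEACON_JITTER = [0.0, 1.2, -0.8, 0.5, -1.5, 2.0, -0.3, 0.9, -1.1, 0.4, 1.7, -0.6]
_BROWSE_OFFSETS = [0, 3, 4, 40, 41, 120, 125, 400, 402]


def _row(*cols):
    return "\t".join(str(c) for c in cols)


def _rows():
    rows = []
    for i, j in enumerate(_BEACON_JITTER):
        rows.append(_row(f"{_BASE + 60 * i + j:.6f}", f"Cb{i:04d}", "10.0.0.5",
                         49152 + i, "203.0.113.9", 443, "tcp", "0.210000", 312, 1024))
    for i, off in enumerate(_BROWSE_OFFSETS):
        rows.append(_row(f"{_BASE + off:.6f}", f"Cw{i:04d}", "10.0.0.7",
                         51000 + i, "198.51.100.2", 80, "tcp", "-", "-", "-"))
    return rows


SAMPLE_CONN_LOG = "\n".join(_HEADER + _rows() + ["#close\t2024-01-01-00-15-00"]) + "\n"


def parse_zeek_tsv(text):
    """Yield one dict per record, keyed by the names in the #fields header.

    Zeek's unset marker (default '-') is returned as None; other '#' lines
    (#separator, #types, #close, ...) are skipped.
    """
    fields, unset = None, "-"
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#"):
            key, _, rest = line[1:].partition("\t")
            if key == "fields":
                fields = rest.split("\t")
            elif key == "unset_field":
                unset = rest
            continue
        if fields is None:
            raise ValueError("data line before #fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            raise ValueError(f"expected {len(fields)} columns, got {len(values)}")
        yield {k: (None if v == unset else v) for k, v in zip(fields, values)}


def zeek_cut(text, *names):
    """Return just the named columns per record, like `zeek-cut ts id.orig_h ...`."""
    return [[rec[n] for n in names] for rec in parse_zeek_tsv(text)]


def beacon_candidates(text, min_conns=8, max_cv=0.15):
    """Score each (orig_h, resp_h) pair by the regularity of its connection gaps.

    cv = stdev(gaps) / mean(gaps); a low cv over enough connections marks a
    beacon candidate. Thresholds are assumptions for this example.
    """
    times = defaultdict(list)
    for rec in parse_zeek_tsv(text):
        times[(rec["id.orig_h"], rec["id.resp_h"])].append(float(rec["ts"]))
    results = {}
    for pair, ts in times.items():
        if len(ts) < min_conns:
            continue
        ts.sort()
        gaps = [b - a for a, b in zip(ts, ts[1:])]
        mean = statistics.fmean(gaps)
        cv = statistics.pstdev(gaps) / mean if mean > 0 else float("inf")
        results[pair] = {"connections": len(ts), "mean_interval": mean,
                         "cv": cv, "beacon": cv <= max_cv}
    return results


if __name__ == "__main__":
    for pair, r in beacon_candidates(SAMPLE_CONN_LOG).items():
        print(f"{pair[0]} -> {pair[1]}: n={r['connections']} "
              f"mean={r['mean_interval']:.1f}s cv={r['cv']:.3f} beacon={r['beacon']}")
```

Run it against a real conn.log by replacing SAMPLE_CONN_LOG with the file contents (gzip-compressed rotated logs need to be decompressed first). A low coefficient of variation alone produces false positives from legitimate pollers such as NTP, update checkers and monitoring agents, so in practice the score has to be combined with a safelist and with data-size and destination-reputation signals, which is the role the safelist-tools and rita-bl repositories above play.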