rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

BeaKer
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana

passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more

threat-tools
Tools for simulating threats

rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

threat-hunting-labs
Collection of walkthroughs on various threat hunting techniques

espy
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch

docker-zeek
Run zeek with zeekctl in docker

smudge
Passive OS detection based on SYN packets without Transmitting any Data

pcap-stats
Learn about a network from a pcap file or reading from an interface

bro-install
An Installation Script for Bro IDS on Debian Based Systems

zcutter
Extracts fields from zeek logs, compatible with zeek-cut

devprof
Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.

sniffer-template
Template for building a packet sniffer

zeek-open-connections

ipfix-rita
Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis

rita-bl
Real Intelligence Threat Analytics -- Blacklist Database

mongo-diff
A Python script for diff'ing mongo databases

zeekcfg
A node.cfg generator for zeekctl

zeek-log-transport
This script ships logs from Zeek to AC-Hunter

pi_show
Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat

shell-lib
Shell Scripts Used Across ActiveCM Projects

certificate-issues
Identifies certificate problems from Zeek ssl log files

pi_project_installer
A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian

mgosec
A Small Helper Library For Securing MongoDB Connections with Golang

bro-rita
A bro plugin for writing log data to MongoDB for use with RITA

safelist-tools
Tools for working with the safelist (formerly whitelist)

docker-ca
A Docker Image For OpenSSL Certificate Authorities (For Testing)

pcap-resources
Support files and tools for pcap analysis and packet capture

zeek-log-clean
Delete Zeek log files until disk usage is under a given threshold

save_json_stream
JSON TCP stream importer for RITA and AC-Hunter

DBTest
Managed Integration Testing Dependencies via Docker for Go

bro-rita-test
Compares bro-rita against rita's built in parsing

bro-mongodb