Active Countermeasures

Repositories

• espy

  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  Go GPL-3.0 0 0 6 0 Updated Dec 24, 2020

• BeaKer

  Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
  Shell GPL-3.0 20 171 6 0 Updated Dec 24, 2020

• shell-lib

  Shell Scripts Used Across ActiveCM Projects
  Shell BSD-3-Clause 0 2 2 0 Updated Dec 22, 2020

• rita

  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

  dns security analytics analysis logs threat beacon
  Go GPL-3.0 204 1,265 49 (9 issues need help) 4 Updated Dec 15, 2020

• passer

  Passive service locator, a python sniffer that identifies servers, clients, names and much more

  python linux dns security pcap packets gplv3
  Python GPL-3.0 21 136 0 0 Updated Nov 21, 2020

• docker-zeek

  Run zeek with zeekctl in docker

  docker hacktoberfest zeek zeekctl
  Shell MIT 4 9 3 1 Updated Nov 7, 2020

• zeek-log-transport

  This script ships logs from Zeek to AI-Hunter
  Shell 0 2 0 0 Updated Oct 14, 2020

• rita-bl

  Real Intelligence Threat Analytics -- Blacklist Database
  Go GPL-3.0 3 5 2 0 Updated Aug 6, 2020

• threat-hunting-labs

  Collection of walkthroughs on various threat hunting techniques
  HTML GPL-3.0 9 39 0 0 Updated Aug 3, 2020

• zeekcfg

  A node.cfg generator for zeekctl
  Go 1 1 2 0 Updated Jun 26, 2020

• bro-install Archived

  An Installation Script for Bro IDS on Debian Based Systems
  Shell 7 18 0 0 Updated Jun 25, 2020

• pi_project_installer

  A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian
  Shell GPL-3.0 0 4 0 0 Updated Feb 4, 2020

• mongo-diff

  A Python script for diff'ing mongo databases
  Python 4 5 0 0 Updated Jan 28, 2020

• devprof

  Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.

  python python3 python-3 zeek
  Python LGPL-3.0 1 10 0 0 Updated Jan 28, 2020

• pi_show

  Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat

  python raspberry-pi raspberrypi python3 python-3 mit-license
  Python MIT 0 2 0 0 Updated Jan 14, 2020

• mgosec

  A Small Helper Library For Securing MongoDB Connections with Golang
  Go MIT 0 4 1 0 Updated Nov 8, 2019

• ipfix-rita Archived

  Collect IPFIX / Netflow v9 Records and Ship them to RITA for Analysis

  security netflow ipfix analytics analysis logs beacon
  Go 1 10 9 4 Updated Sep 10, 2019

• DBTest

  Managed Integration Testing Dependencies via Docker for Go
  Go MIT 0 0 0 0 Updated Dec 6, 2018

• mgorus

  Forked from Zalgo2462/mgorus

  Mongodb Hooks for Logrus
  Go MIT 20 0 0 0 Updated Jul 12, 2018

• bro-mongodb
  C++ LGPL-3.0 1 0 1 0 Updated May 28, 2018

• bro-rita

  A bro plugin for writing log data to MongoDB for use with RITA
  C++ LGPL-3.0 2 2 2 0 Updated May 28, 2018

• bro-rita-test

  Compares bro-rita against rita's built in parsing
  Shell 0 1 0 0 Updated May 10, 2018

• docker-ca

  A Docker Image For OpenSSL Certificate Authorities (For Testing)
  Shell 0 0 0 0 Updated Apr 25, 2018

• rita-blacklist Archived

  Real Intelligence Threat Analytics -- Blacklist Database
  Go GPL-3.0 6 4 5 0 Updated Jun 9, 2017