Active Countermeasures

passer Public
Passive service locator, a python sniffer that identifies servers, clients, names and much more

Python 188 GPL-3.0 37 0 3 Updated Apr 19, 2022
rita Public
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Go 1,860 GPL-3.0 307 69 (8 issues need help) 7 Updated Apr 19, 2022
BeaKer Public
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana

Shell 241 GPL-3.0 34 10 3 Updated Apr 19, 2022
tcp-sig-json Public
Json file that holds TCP signatures for passive OS fingerprinting

0 GPL-3.0 0 0 0 Updated Apr 15, 2022
espy Public
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch

Go 36 GPL-3.0 7 10 0 Updated Apr 12, 2022
shell-lib Public
Shell Scripts Used Across ActiveCM Projects

Shell 4 BSD-3-Clause 1 1 0 Updated Apr 12, 2022
threat-tools Public
Tools for simulating threats

Shell 70 GPL-3.0 12 0 0 Updated Apr 7, 2022
safelist-tools Public
Tools for working with the safelist (formerly whitelist)

Shell 1 GPL-3.0 1 1 0 Updated Apr 5, 2022
zeek-log-transport Public
This script ships logs from Zeek to AC-Hunter

Shell 4 1 1 1 Updated Mar 24, 2022
zeek-log-clean Public
Delete Zeek log files until disk usage is under a given threshold

Shell 0 MIT 0 0 0 Updated Mar 15, 2022

Pinned