Active Countermeasures

rita Public
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Go 1,892 GPL-3.0 308 70 (8 issues need help) 8 Updated Jun 6, 2022
db-lib Public
Python database access library

Python 0 WTFPL 0 0 0 Updated Jun 4, 2022
passer Public
Passive service locator, a python sniffer that identifies servers, clients, names and much more

Python 188 GPL-3.0 38 0 2 Updated Jun 4, 2022
pcap-stats Public
Learn about a network from a pcap file or reading from an interface

Python 14 GPL-3.0 0 0 0 Updated Jun 4, 2022
zeek-log-clean Public
Delete Zeek log files until disk usage is under a given threshold

Shell 0 MIT 0 0 0 Updated Jun 1, 2022
shell-lib Public
Shell Scripts Used Across ActiveCM Projects

Shell 4 BSD-3-Clause 1 1 1 Updated May 2, 2022
BeaKer Public
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana

Shell 243 GPL-3.0 35 10 3 Updated Apr 19, 2022
tcp-sig-json Public
Json file that holds TCP signatures for passive OS fingerprinting

0 GPL-3.0 0 0 0 Updated Apr 15, 2022
espy Public
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch

Go 38 GPL-3.0 8 10 0 Updated Apr 12, 2022
threat-tools Public
Tools for simulating threats

Shell 75 GPL-3.0 13 0 0 Updated Apr 7, 2022

Pinned