rita-legacy
Traffic analyzer
Analyzes network traffic to detect command and control communication behaviors.
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
3k stars
112 watching
362 forks
Language: Go
last commit: 6 months ago
Tags: analysis, analytics, beacon, beacon-sniffer, bhis, blueteam, bro-ids, dga, dns, dns-tunneling, logs, network-traffic, offensive-countermeasures, rita, scanning, security, threat
Related projects:
Repository | Description | Stars |
---|---|---|
activecm/rita | A framework for detecting malicious communication patterns in network traffic by analyzing Zeek logs. | 215 |
stamparm/maltrail | Detects and analyzes malicious traffic patterns to identify potential security threats. | 6,642 |
raihan2006i/active_admin_paranoia | Adds batch restore and archive actions to ActiveAdmin resource index pages | 29 |
cybermonitor/apt_cybercriminal_campagin_collections | A collection of APT and cybercriminal campaign data, including malware samples and threat intelligence | 3,757 |
zabbix/zabbix | An enterprise-class monitoring solution designed to track performance and availability of IT resources and services in real-time. | 4,484 |
opennhp/opennhp | A Zero Trust protocol that leverages resource-hiding and encryption to safeguard servers and data from attackers | 13,520 |
eremit4/cs-discovery | Detects malicious servers in network traffic by analyzing encoded byte patterns | 20 |
security-onion-solutions/securityonion | An integrated security monitoring and threat hunting platform that collects, analyzes, and responds to network traffic data | 3,347 |
nationalsecurityagency/ghidra | A software reverse engineering framework with disassembler and analysis tools | 52,492 |
activecm/beaker | Aggregates Microsoft Sysmon network events with Elasticsearch and Kibana for threat hunting analysis | 287 |
ch3k1/squidmagic | Analyzes web-based network traffic to detect malicious command and control servers using Squid proxy server and Spamhaus | 78 |
akamai/luda | Develops real-time URL-based malware detection system using regexes and clustering | 74 |
byt3bl33d3r/deathstar | Automates gaining Domain and/or Enterprise Admin rights in Active Directory environments using offensive TTPs | 1,592 |
google/tsunami-security-scanner | An open-source network security scanner with an extensible plugin system to detect high-severity vulnerabilities. | 8,291 |
orange-cyberdefense/goad | A pentest active directory LAB project providing a vulnerable environment for practice. | 5,620 |