bzar
Adversarial activity analyzer
A set of scripts to detect and analyze cyber adversary activity using Bro/Zeek network security monitor
A set of Zeek scripts to detect ATT&CK techniques.
570 stars
30 watching
75 forks
Language: Zeek
last commit: 7 months ago
Linked from 1 awesome list
0x4d31/awesome-threat-detectionRelated projects:
| Repository | Description | Stars |
|---|---|---|
 mitre/advmlthreatmatrix | A framework to help security analysts understand and prepare for adversarial machine learning attacks on AI systems | 1,056 |
 zeek/zeek | An in-depth network analysis framework for analyzing network traffic and security monitoring. | 6,513 |
 cybersecurityup/mitre-attack-matrix | A comprehensive resource for understanding and visualizing the relationships between different types of cyber attacks and their tactics, techniques, and procedures. | 18 |
 mitrecnd/malchive | A collection of reusable scripts and tools for analyzing malicious software | 75 |
 hatriot/zarp | A network attack tool designed to manage and analyze local networks | 1,449 |
 nshalabi/attack-tools | Utilities for simulating adversary behavior in the context of threat intelligence and security analysis | 1,011 |
 telekom-security/malware_analysis | An analysis repository providing scripts, signatures, and IOCs for detecting and analyzing malware. | 110 |
 rieck/malheur | A tool for automatically analyzing malware behavior and identifying patterns and classes. | 369 |
 adokter/biorad | An R package for extracting and reporting biological signals from weather radar data. | 29 |
 rjzak/decompressingyara | A tool for decompressing malware samples and running Yara rules against them. | 7 |
 mitre-atlas/arsenal | Provides tools and techniques for simulating AI-enabled system attacks in a controlled environment. | 85 |
| mitre/brawl-public-game-001 | Automates testing of cybersecurity detection and response capabilities in a controlled network environment | 202 |
 angr/angr-management | A graphical tool for analyzing and visualizing binary code | 923 |
| mitre/caldera | Automates adversary emulation and incident response using a framework built on the MITRE ATT&CK model | 5,722 |
| mitre/multiscanner | Automated file analysis framework with modular design and distributed workflow | 618 |