Active Countermeasures

Pinned Repositories

BeaKer
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
Language:Shell277 19 3442
docker-zeek
Run zeek with zeekctl in docker
Language:Shell41 5 1316
espy
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
Language:Go64 8 4317
passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more
Language:Python237 13 149
pcap-stats
Learn about a network from a pcap file or reading from an interface
Language:Python24 3 03
rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Language:Go2.5k 112 388360
smudge
Passive OS detection based on SYN packets without Transmitting any Data
Language:Python40 3 134
threat-hunting-labs
Collection of walkthroughs on various threat hunting techniques
Language:HTML71 8 117
threat-tools
Tools for simulating threats
Language:Python153 9 127
zeek-log-transport
This script ships logs from Zeek to AC-Hunter
Language:Shell5 3 32

Active Countermeasures's Repositories

activecm/rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
Language:Go2.5k 112 388360
activecm/BeaKer
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
Language:Shell277 19 3442
activecm/passer
Passive service locator, a python sniffer that identifies servers, clients, names and much more
Language:Python237 13 149
activecm/threat-tools
Tools for simulating threats
Language:Python153 9 127
activecm/threat-hunting-labs
Collection of walkthroughs on various threat hunting techniques
Language:HTML71 8 117
activecm/espy
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
Language:Go64 8 4317
activecm/docker-zeek
Run zeek with zeekctl in docker
Language:Shell41 5 1316
activecm/smudge
Passive OS detection based on SYN packets without Transmitting any Data
Language:Python40 3 134
activecm/pcap-stats
Learn about a network from a pcap file or reading from an interface
Language:Python24 3 03
activecm/zcutter
Extracts fields from zeek logs, compatible with zeek-cut
Language:Python16 2 02
activecm/sniffer-template
Template for building a packet sniffer
Language:Python14 4 04
activecm/zeek-open-connections
Language:Zeek11 3 24
activecm/rita-bl
Real Intelligence Threat Analytics -- Blacklist Database
Language:Go8 5 47
activecm/zeekcfg
A node.cfg generator for zeekctl
Language:Go6 3 54
activecm/certificate-issues
Identifies certificate problems from Zeek ssl log files
Language:Shell5 4 0
activecm/shell-lib
Shell Scripts Used Across ActiveCM Projects
Language:Shell5 3 92
activecm/zeek-log-transport
This script ships logs from Zeek to AC-Hunter
Language:Shell5 3 32
activecm/mgosec
A Small Helper Library For Securing MongoDB Connections with Golang
Language:Go4 5 2
activecm/safelist-tools
Tools for working with the safelist (formerly whitelist)
Language:Go3 5 23
activecm/pcap-resources
Support files and tools for pcap analysis and packet capture
2 4 02
activecm/zeek-log-clean
Delete Zeek log files until disk usage is under a given threshold
Language:Shell2 3 1
activecm/bad-asn-list
An open source list of ASNs known to belong to cloud, managed hosting, and colo facilities.
1 1 01
activecm/save_json_stream
JSON TCP stream importer for RITA and AC-Hunter
Language:Python1 4 01
activecm/tcp-sig-json
Json file that holds TCP signatures for passive OS fingerprinting
Language:Python0 4 11
activecm/ACH-Zeek
Zeek installer packaged with AC-Hunter
Language:Shell2 0
activecm/active-dns-lookup
Lookup hostnames via dns
Language:Python1 0
activecm/db-lib
Python database access library
Language:Python2 0
activecm/get-release
Github Action to get release information based on a tag
Language:JavaScript2 0
activecm/packages
The default package source of the Zeek Package Manager
2 0
activecm/zeek-agent-v2
Open source endpoint agent providing host information to Zeek. [v2]
Language:C++1 0