Projects in Awesome Lists by activecm
A curated list of projects in awesome lists by activecm.
https://github.com/activecm/rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
analysis analytics beacon beacon-sniffer bhis blueteam bro-ids dga dns dns-tunneling logs network-traffic offensive-countermeasures rita scanning security threat
Last synced: 16 Jan 2026
https://github.com/activecm/beaker
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
Last synced: 01 Apr 2026
https://github.com/activecm/rita
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.
anomaly-detection beacons blue-team c2 c2-detection command-and-control cyber-security incident-response intrusion-detection log-analysis network-monitoring network-traffic-analysis security-tools threat-hunting threat-intelligence zeek
Last synced: 16 May 2025
https://github.com/activecm/BeaKer
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
Last synced: 12 Jul 2025
https://github.com/activecm/passer
Passive service locator, a Python sniffer that identifies servers, clients, names and much more
capturing-packets dns docker-command gplv3 hacktoberfest linux macosx network-monitoring packet-analyzer packet-sniffer packets passer pcap pcap-analyzer python python-2 scapy security sniffer
Last synced: 09 Apr 2025
https://github.com/activecm/threat-hunting-labs
Collection of walkthroughs on various threat hunting techniques
Last synced: 02 Mar 2025
https://github.com/activecm/espy
Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
Last synced: 06 Feb 2026
https://github.com/activecm/docker-zeek
Run Zeek with zeekctl in Docker
docker hacktoberfest zeek zeekctl
Last synced: 17 Mar 2025
https://github.com/activecm/smudge
Passive OS detection based on SYN packets without transmitting any data
Last synced: 04 May 2025
https://github.com/activecm/pcap-stats
Learn about a network from a pcap file or reading from an interface
network-analysis pcap python python3 scapy traffic-analysis
Last synced: 04 May 2025
https://github.com/activecm/zcutter
Extracts fields from Zeek logs, compatible with zeek-cut
converter json python-3 python3 tsv tsv-parser zeek
Last synced: 04 May 2025
https://github.com/activecm/devprof
Device profile: Define acceptable amounts of traffic for your devices and see a report of outliers.
Last synced: 04 May 2025
https://github.com/activecm/sniffer-template
Template for building a packet sniffer
pcap pcap-analyzer pcap-files pcap-library python python3 scapy template
Last synced: 04 May 2025
https://github.com/activecm/rita-bl
Real Intelligence Threat Analytics -- Blacklist Database
Last synced: 04 May 2025
https://github.com/activecm/mongo-diff
A Python script for diff'ing mongo databases
Last synced: 04 May 2025
https://github.com/activecm/zeek-log-transport
This script ships logs from Zeek to AC-Hunter
Last synced: 06 Feb 2026
https://github.com/activecm/pi_show
Python script/library for displaying text and graphics on Raspberry Pi PiOled Hat
mit-license python python-3 python3 raspberry-pi raspberrypi
Last synced: 04 May 2025
https://github.com/activecm/pi_project_installer
A support library and set of scripts to simplify installing software on the Raspberry Pi/Raspbian
Last synced: 04 May 2025
https://github.com/activecm/safelist-tools
Tools for working with the safelist (formerly whitelist)
Last synced: 01 Jul 2025
https://github.com/activecm/shell-lib
Shell Scripts Used Across ActiveCM Projects
Last synced: 28 Jun 2025
https://github.com/activecm/mgosec
A Small Helper Library For Securing MongoDB Connections with Golang
Last synced: 04 May 2025
https://github.com/activecm/certificate-issues
Identifies certificate problems from Zeek ssl log files
Last synced: 03 Jan 2026
https://github.com/activecm/bro-rita
A bro plugin for writing log data to MongoDB for use with RITA
Last synced: 04 May 2025
https://github.com/activecm/zeek-log-clean
Delete Zeek log files until disk usage is under a given threshold
Last synced: 20 Sep 2025
https://github.com/activecm/docker-ca
A Docker Image For OpenSSL Certificate Authorities (For Testing)
Last synced: 04 May 2025
https://github.com/activecm/pcap-resources
Support files and tools for pcap analysis and packet capture
Last synced: 06 Mar 2026
https://github.com/activecm/save_json_stream
JSON TCP stream importer for RITA and AC-Hunter
bricata python-3 python3 rita threat-hunting zeek zeek-ids
Last synced: 08 Jun 2026
https://github.com/activecm/dbtest
Managed Integration Testing Dependencies via Docker for Go
Last synced: 26 Oct 2025
https://github.com/activecm/ach-zeek
Zeek installer packaged with AC-Hunter
Last synced: 13 Oct 2025
https://github.com/activecm/bro-rita-test
Compares bro-rita against RITA's built-in parsing
Last synced: 04 May 2025
https://github.com/activecm/db-lib
Python database access library
python python3 sqlite sqlite3 sqlite3-database
Last synced: 26 Nov 2025
https://github.com/activecm/active-dns-lookup
Look up hostnames via DNS
converter dns dns-client python python3 zeek
Last synced: 24 Aug 2025
https://github.com/activecm/tcp-sig-json
JSON file that holds TCP signatures for passive OS fingerprinting
Last synced: 29 May 2026