Description
RITA (Real Intelligence Threat Analytics) is an open source framework for network traffic analysis.
The framework ingests Zeek Logs in TSV format, and currently supports the following major features:
- Beaconing Detection: Search for signs of beaconing behavior in and out of your network
- DNS Tunneling Detection Search for signs of DNS based covert channels
- Blacklist Checking: Query blacklists to search for suspicious domains and hosts
Licenses
Languages
Tags
Reference
Homepage