zeek-njrat-detector
This detector uses two types of detection:
1) A Spicy analyzer to detect njRAT C2.
2) The intelligence framework to detect IOCs.
More information on how this package was created can be found at:
A Zeek based njRAT detector.
analyzer
mkdir -p build && cd build && SPICYZ=$(command -v spicyz || echo %(package_base)s/spicy-plugin/build/bin/spicyz) cmake .. && cmake --build .
cd testing && btest -c btest.cfg
zeek >=4.0.0
A Zeek based njRAT detector.
scripts
mkdir -p build && cd build && SPICYZ=$(command -v spicyz || echo %(package_base)s/spicy-plugin/build/bin/spicyz) cmake .. && cmake --build .
cd testing && btest -c btest.cfg
zeek >=4.0.0