ethack
ethack
Using the registry install keys might be another source to look for AV products. This method is used in this script: https://github.com/harleyQu1nn/AggressorScripts/blob/master/AVQuery.cna
I think the watcher aggregations output is incorrect for the count distinct case. Though I'm not sure if it's in a general case or just in this scenario. I could...
First pass at a github action replacement for docker build. Also tests building for arm7 and arm64.
Bro has an intel [log](https://www.bro.org/sphinx/script-reference/log-files.html) documented [here](https://www.bro.org/sphinx/scripts/base/frameworks/intel/main.bro.html#type-Intel::Info). One notable service that integrates with this log is [Critical Stack](https://intel.criticalstack.com/) which acts as a sort of blacklist marketplace/aggregator. The suggestion I have...
One user manually transferred databases between MongoDB instances. They transferred their MetaDatabase, however did not transfer all the databases referenced in the MetaDatabase. This caused rita to error when run,...
Currently the RITA installer requires the user to answer a number of prompts. This makes it impossible to run the installer from an automated system such as TrevorCI or Jenkins....
This feed is no longer available and the default config should be changed to disable it until it is fully removed from [rita-bl](https://github.com/activecm/rita/blob/master/config/static.go#L78). - https://github.com/activecm/rita/blob/4a4b6394a6fb2619ba91e0112e94a54f0653808a/etc/rita.yaml#L111 - https://github.com/activecm/rita/blob/4a4b6394a6fb2619ba91e0112e94a54f0653808a/config/static.go#L78 https://github.com/activecm/rita-bl/issues/10
The count score portion of beacon gets skewed by long connections. The divsor is [`tsMax - tsMin`](https://github.com/activecm/rita/blob/master/pkg/beacon/analyzer.go#L184) but `tsMin` can be days prior to the majority of the dataset due...
Just a place to keep track of future refactoring ideas - ~~https://github.com/activecm/rita/pull/591#discussion_r542827922~~ - ~~https://github.com/activecm/rita/pull/591#discussion_r542867872~~ - ~~https://github.com/activecm/rita/pull/591#discussion_r542891507~~ - https://github.com/activecm/rita/pull/591#discussion_r542911872 - ~~https://github.com/activecm/rita/pull/591#discussion_r542918302~~ - https://github.com/activecm/rita/pull/591#discussion_r542921604 - ~~https://github.com/activecm/rita/pull/591#discussion_r542911872~~
https://github.com/activecm/rita/pull/591#discussion_r542896858