Getting Started on Contributing to RITA

Fixing Bro/Zeek’s Long Connection Detection Problem

Tshark Examples – Theory & Implementation

Threat Simulation – Client Signatures (TLS Signature)

Threat Simulation – Certificate Issues

Threat Simulation – Threat Intel

Threat Simulation – Beacons

Threat Simulation – DNS

Threat Simulation – Client Signatures (User Agent)

Threat Simulation – Long Connections

Threat Simulation – Unexpected Protocol on Non-Standard Port

Threat Simulation Overview and Setup