Malicious traffic detection system (made by humans for humans)

Joined December 2015
Maltrail retweeted
Miroslav Stampar shares insights into the Maltrail system, which is designed to detect malicious traffic by identifying potential threats and monitoring network traffic. A great case study from Croatia! #CyberWeek2024
Happy to announce that Maltrail has been (again) sponsored by @sansecio
Maltrail retweeted
The SIE Europe pDNS system is now getting an active feed with extended malware feeds per 15/min. Thanks @maltrail for the feeds (nice work)
With the latest version (0.29.24), we added a new feed "statics" that will keep your sensor's static trails up to date, even if you don't frequently update the codebase
Top feature missing and worst feature available in Maltrail?
Challenge. Try (free and open-source) Maltrail and compare malware detection results with any commercial network product you use in your corporate network. Pass results to your management and your colleagues. p.s. we already know the results, but have to play neutral :D
Protip for the UI: press the left and/or right keyboard button for easier and faster changing of the current page
With the latest revision, the sensor's switch --console got a new look
Implemented fancy colorized console output
If you are a CERT member, I would like to point you to maltrail.github.io/ and its demo site located at maltraildemo.github.io/. @maltrail is a free and open-source network sensor system, where we spend tons of time filling it with the latest network IoCs
With the latest revision, once logged into the UI, you can use "?refresh=N" to force a refresh of data every N seconds (e.g. ?refresh=60)
Two new UI features: A) "Hide threat" - threat details will be hidden in future browser reports and B) "Report false positive" - threat details will be sent to us for additional analysis
Maltrail demo pages are available at maltraildemo.github.io
Tags are patched now. So, you can add searchable tags (i.e. attributes) for each recognized threat, which will be stored inside your local web browser storage for future usage
If you want to integrate Maltrail events into your existing SIEM platform, from this moment you can choose between CEF (option SYSLOG_SERVER) and JSON (option LOGSTASH_SERVER) formats
How to get a condensed one-line report for each network threat instead of thousands of non-coherent events inside a SIEM? Use Maltrail
How to spot web attacks on your servers? Use Maltrail
How to spot malware in your network environment? Use Maltrail
Maltrail retweeted
Shout out to the @maltrail project, which accounts for 46% of the C2Tracker data dump traffic! Since November 1st, a daily avg of 700+ unique IPs pulling from the tracker from that project alone. Thanks to: @500mk500 & @stamparm for the initiative ref: github.com/stamparm/maltrail