Real Intelligence Threat Analysis (RITA)

Network Security

An open‑source framework that analyzes Zeek network logs to detect beaconing, long connections, DNS tunneling, and threat‑intel matches.

Go · Latest v5.1.2 · 28d ago

Features

  • Detects beaconing behavior in traffic
  • Identifies long‑duration network connections
  • Scans for DNS tunneling covert channels
  • Checks imported logs against threat‑intel feeds

Recent releases

v5.1.2 New feature
Notable features
  • Added configurable limits for available CPU cores during importing
Full changelog

What's Changed

  • Installer and Import Logic Updates by @lisaSW in https://github.com/activecm/rita/pull/90
  • Simplify installer and update CI by @lisaSW in https://github.com/activecm/rita/pull/95
  • Update analysis hash filters to use WHERE IN by @caffeinatedpixel in https://github.com/activecm/rita/pull/98
  • Limits for available CPU cores during importing by @pawelfloryan in https://github.com/activecm/rita/pull/97

New Contributors

  • @pawelfloryan made their first contribution in https://github.com/activecm/rita/pull/97

Full Changelog: https://github.com/activecm/rita/compare/v5.1.0...v5.1.2

v5.1.1 Bug fix

Improved installer reliability by removing forced system reboots, switched to pipx for Ansible, enhanced threat intelligence source failure handling, and fixed permission flag checks to prevent import failures.

About

Stars
569
Forks
62
Languages
Go Shell Python

Install & Platforms

Install via
docker shell-script
Platforms
linux
