Tehsat Malware Traffic Generator is designed to provide a Proof of Concept implementation for detecting malware traffic using Cyber Data Analytics. The projects, research, technologies and ideas that inspired it are listed in "Simulating Malware Communications in Distributed Networks" in the docs folder. A brief demo video on YouTube gives a usage example.
As I'm developing this tool in my free time, please expect delays and numerous bugs.
0.1 - Proof of Concept
- Fatih Ozavci - https://linkedin.com/in/fozavci
- HTTP(S)
- HTTP(S) Websocket
- TCP
- UDP
- Several Bug Fixes
- Protocol/Service Configuration Checker
- DNS
- DNS over HTTPS
- ICMP
- SMB Named Pipe
- TLS over TCP and UDP
- Simulating Malware Communications in Distributed Networks
https://github.com/fozavci/tehsat/blob/main/docs/Malware%20Communications%201.0.pdf
- Current State of Malware Command and Control Communication Channels and Future Predictions
https://github.com/fozavci/tehsat/raw/main/docs/Current%20State%20of%20Malware%20Command%20and%20Control%20Channels%20and%20Future%20Predictions-v1.0.pdf
- Tehsat Malware Traffic Generator - IcedID Ransomware Traffic Simulation
https://youtu.be/JdfRUjIojCw
- Malware Traffic Generation to Improve Security Incident Detections
https://www.youtube.com/watch?v=c-dpHgBPckM