eCrimeLabs

MISP-PurgeEvents

Cleanup of older MISP events can require some work until now

MISP2CbR

Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.

phish2MISP

Easy way to create a MISP event related to a Phishing page

cratos-fastapi

The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such as SIEM, DNS, Proxies, Firewalls, EDR, NDR and other that can consume a file with indicators.

ja3toMISP

Extracts JA3 fingerprints from a PCAP and adds them to an event in MISP as objects

vt2misp

Script to fetch data from virustotal and add it to a specific event as an object

MISP-autotagging

This script when executed searches for organisations with a specific UUID and add a dedicated local tag to the event.

securityonion-ecrimelabs

Implementation of informaiton from MISP through the eCrimeLabs API and into SecurityOnion

Presentations

Various presentations

IOC

Indicators of Compromise

attack2jira

attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage

APT_REPORT

Interesting apt report collection and some special ioc express

Crypter

Crypter - Python-based builder and ransomware compiled to Windows executable using PyInstaller

eCrimeLabsFeeds

A tool to fetch all the feeds presented through the API

emotet_research

Malware-Scripts

misp-objects

Definition, description and relationship types of MISP objects

MISP-QRadar-Integration

The Project can used to integrate QRadar with MISP Threat Sharing Platform

misp-taxonomies

Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.

misp-usergroups

MISP User Groups

misp-website

MISP website (hugo-based)

Pineapple-MK4

Repository for Pineapple MK4 infusions sources