IntelDB is an open-source, minimal framework for collecting, storing and searching threat indicators, designed for individuals and small teams. The system is type-agnostic (it does not include predefined indicator types), which allows dynamic storage of unique artifacts.
(Very much a work in progress)
Build Status
The code base is being cleaned up and will be pushed soon.
Installation
Dependencies:
- MongoDB
- MySQL
Common Questions
Why not use CRITS or MISP? Both of these systems are fantastic and have excellent developers supporting them. However, these systems are designed for larger teams and provide support for a number of different workflows.