cyber-threat-intelligence

There are 73 repositories under cyber-threat-intelligence topic.

• IntelOwl

  intelowlproject / IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  security-toolspythonthreat-intelligenceiocincident-responsecyber-threat-intelligenceenrichmenthoneynetosintosint-pythonthreatintelmalware-analysismalware-analyzerintel-owlthreat-huntinghacktoberfestcyber-securitycybersecuritythreathuntingdfir
  Language:Python 4313

• mitre-attack / attack-navigator

  Web app that provides basic navigation and annotation of ATT&CK matrices

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporation
  Language:TypeScript 2217

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  ctidcybersecuritythreat-informed-defensemitre-attackred-teamcyber-threat-intelligenceadversary-emulationadversary-emulation-plans
  Language:C 1987

• mitre / cti

  Cyber Threat Intelligence Repository expressed in STIX 2.0

  attackcticyber-threat-intelligencestix
  1945

• mytechnotalent / Hacking-Windows

  A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

  assemblerassemblyblue-teamcpluspluscppcybercyber-threat-intelligencecybersecurityhackhackingidaida-proidapromicrosoft-windowsreverse-engineeringtrainingtraining-materialtraining-materialswin32apiwindows
  Language:C 1503
• Cortex

  TheHive-Project / Cortex

  Cortex: a Powerful Observable Analysis and Active Response Engine

  responsedfiranalysisanalyzerthehiveenginescalapythonrestapisecurity-incidentsdigital-forensicsiocsobservablefreefree-softwareopen-sourceincident-responsecyber-threat-intelligencecortex
  Language:Scala 1478

• mitre-attack / car

  Cyber Analytics Repository

  cyber-analyticscyber-threat-intelligencecybersecuritymitre-corporation
  Language:Python 957

• center-for-threat-informed-defense / attack-flow

  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

  cybersecurityctidmitre-attackcyber-threat-intelligencethreat-informed-defense
  Language:TypeScript 681

• aw-junaid / Hacking-Tools

  This Repository is a collection of different ethical hacking tools and malware's for penetration testing and research purpose written in python, ruby, rust, c++, go and c.

  pythonalgorithmsartificial-intelligencebugbountycryptographycyber-threat-intelligencecybersecurity-projectsethical-hackinghacking-toolsmalwarenessusnetwork-monitoringnetwork-securitynmapportscannerpythonprojectsthreat-intelligencevirus-scanning
  Language:C 626

• mitre-attack / mitreattack-python

  A python module for working with ATT&CK

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporationpython
  Language:HTML 589

• mitre-attack / attack-scripts

  Scripts and a (future) library to improve users' interactions with the ATT&CK content

  cybersecuritycyber-threat-intelligencemitre-corporationctimitre-attackpython
  Language:Python 586

• mxm0z / awesome-intelligence-writing

  Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc

  intelligencewritingthreatintelawesomeawesome-listcyber-threat-intelligenceintelligence-analysisreportingthreat-intelligencethreat-reportswritings
  565

• mitre-attack / attack-website

  MITRE ATT&CK Website

  cybersecuritymitre-corporationcyber-threat-intelligencemitre-attackcti
  Language:HTML 543

• center-for-threat-informed-defense / tram

  TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

  ctidcyber-threat-intelligencethreat-informed-defensemitre-attackcybersecurity
  Language:Jupyter Notebook 516

• center-for-threat-informed-defense / attack-control-framework-mappings

  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  cticyber-threat-intelligencemitre-attackcybersecuritynist800-53security-controlsctidthreat-informed-defenserisk-management
  Language:Python 495
• Cortex-Analyzers

  TheHive-Project / Cortex-Analyzers

  Cortex Analyzers Repository

  analyzercortexcyber-threat-intelligencedfirdigital-forensicsenrichmentfreefree-softwareincident-responseiocjsonobservableopen-sourcepythonthehive
  Language:Python 467

• mitre-attack / attack-stix-data

  STIX data representing MITRE ATT&CK

  attackstixcybersecuritymitre-corporationcticyber-threat-intelligence
  Language:Python 459
• cyberbro

  stanfrbd / cyberbro

  A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.

  cybersecuritythreat-intelligenceipinfovirustotalcyber-threat-intelligencedfirincident-responseiocosintosint-pythonpythonsecurity-toolsthreat-huntingblueteamdockerhashsecuritythreatinfosec
  Language:Python 455

• oasis-open / cti-python-stix2

  OASIS TC Open Repository: Python APIs for STIX 2

  cticyber-threat-intelligencejsonoasispythonstixstix2
  Language:Python 400

• duggytuxy / Data-Shield_IPv4_Blocklist

  Ce projet vise à réduire le nombre d'attaques en bloquant les adresses IP identifiées comme abusives, agressives ou malveillantes.

  botnetsddosipv4malwareipaddressesmaliciouscyber-threat-intelligencecybersecurityattack-detectiondnssinkholefirewallfirewall-configurationfirewall-rulesnetworknetwork-securitywebwebapplicationfirewallblacklist-ipsblocklist
  321

• center-for-threat-informed-defense / cti-blueprints

  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

  ctidcyber-threat-intelligencecybersecurityincident-responsemalware-analysismitre-attackthreat-actorsthreat-informed-defense
  Language:TypeScript 265

• eclecticiq / OpenTAXII

  TAXII server implementation in Python from EclecticIQ

  cticyber-threat-intelligencepythonstixtaxiitaxii-serverthreat-sharingthreatintel
  Language:Python 205

• jackaduma / SecBERT

  pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

  cybersecuritysecuritynlpbertbert-embeddingsnlp-machine-learningdeeplearningattentiontransformerstransformer-encodercyber-securitysecurity-automationaptmachine-learning-securitydeep-learning-securitycyber-threat-intelligencethreat-intelligencethreat-huntingthreat-detectionthreat-analysis
  Language:Python 188

• travisbgreen / hunting-rules

  Suricata rules for network anomaly detection

  suricata-rulesuricataidsnsmthreat-huntingcybersecurityanomaly-detectioncyber-threat-intelligencenetwork-securitynetwork-monitoringlateral-movementthreat-intelligence
  169

• intelowlproject / GreedyBear

  Threat Intel Platform for T-POTs

  honeypotthreat-intelligencecyber-threat-intelligencethreatintelcybersecurityopen-sourcepythonioctpothacktoberfest
  Language:Python 161

• oasis-open / cti-stix-visualization

  OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships

  cticyber-threat-intelligencejavascriptjsonoasisstixstix2visualizationvisualizer
  Language:JavaScript 154

• center-for-threat-informed-defense / insider-threat-ttp-kb

  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

  cybersecurityctidmitre-attackcyber-threat-intelligenceinsider-threatthreat-informed-defense
  Language:Python 146
• ThreatIntel-Reports

  mthcht / ThreatIntel-Reports

  Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

  aptcticyber-threat-intelligencemalware-analysismalware-analysis-reportsmalware-researchthreat-analysisthreat-huntingthreat-intelligencethreat-modelingthreatintel
  Language:Python 136

• oasis-open / cti-taxii-server

  OASIS TC Open Repository: TAXII 2 Server Library Written in Python

  cticyber-threat-intelligenceoasispythonpython-scriptservertaxiitaxii2
  Language:Python 133

• Offensive-Panda / DefenseEvasionTechniques

  This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those dedicated to improving their skills in malware development, malware research, offensive security, security defenses and measures.

  cyber-threat-intelligenceedr-evasionmalware-developmentmalware-researchoffensivesecurity
  Language:C++ 132

• oasis-open / cti-stix2-json-schemas

  OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

  stixstix2ctioasiscyber-threat-intelligenceantlrjsonjson-schemaschemas
  Language:ANTLR 127

• vlegoy / rcATT

  A python app to predict Att&ck tactics and techniques from cyber threat reports

  cyber-threat-intelligenceattackttpmulti-label-classification
  Language:Python 125

• center-for-threat-informed-defense / top-attack-techniques

  Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.

  ctidcyber-threat-intelligencecybersecuritymitre-attack
  Language:Vue 119

• oasis-open / cti-taxii-client

  OASIS TC Open Repository: TAXII 2 Client Library Written in Python

  clientcticyber-threat-intelligencejsonoasispythontaxiitaxii2
  Language:Python 116

• curated-intel / Initial-Access-Broker-Landscape

  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape

  accesscticyber-threat-intelligencedarkwebiabinitialinitial-accessinitial-access-brokerinitial-access-brokersmalwareransomware
  114

• gertjanbruggink / metrics

  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.

  cyber-securitycyber-threat-intelligencecybersecuritydecision-makingmetricssystemsthreat-informed
  114