cyber-threat-intelligence

There are 64 repositories under cyber-threat-intelligence topic.

• IntelOwl

  intelowlproject / IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  cyber-securitycyber-threat-intelligencecybersecuritydfirenrichmenthacktoberfesthoneynetincident-responseintel-owliocmalware-analysismalware-analyzerosintosint-pythonpythonsecurity-toolsthreat-huntingthreat-intelligencethreathuntingthreatintel
  Language:Python 3977

• mitre-attack / attack-navigator

  Web app that provides basic navigation and annotation of ATT&CK matrices

  cticyber-threat-intelligencemitre-attackmitre-corporationcybersecurity
  Language:TypeScript 2049

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  ctidcybersecuritythreat-informed-defensemitre-attackred-teamcyber-threat-intelligenceadversary-emulationadversary-emulation-plans
  Language:C 1792

• mitre / cti

  Cyber Threat Intelligence Repository expressed in STIX 2.0

  attackcticyber-threat-intelligencestix
  1783

• mytechnotalent / Hacking-Windows

  A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

  hackingwindowsassemblyassemblercppcplusplusidaida-proidaproreverse-engineeringblue-teamtrainingtraining-materialstraining-materialcybersecurityhackcybercyber-threat-intelligencewin32apimicrosoft-windows
  Language:C 1399
• Cortex

  TheHive-Project / Cortex

  Cortex: a Powerful Observable Analysis and Active Response Engine

  analysisanalyzerapicortexcyber-threat-intelligencedfirdigital-forensicsenginefreefree-softwareincident-responseiocsobservableopen-sourcepythonresponserestscalasecurity-incidentsthehive
  Language:Scala 1370

• mitre-attack / car

  Cyber Analytics Repository

  cyber-analyticscyber-threat-intelligencecybersecuritymitre-corporation
  Language:Python 914

• mitre-attack / attack-scripts

  Scripts and a (future) library to improve users' interactions with the ATT&CK content

  cybersecuritycyber-threat-intelligencemitre-corporationctimitre-attackpython
  Language:Python 585

• center-for-threat-informed-defense / attack-flow

  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

  cybersecurityctidmitre-attackcyber-threat-intelligencethreat-informed-defense
  Language:TypeScript 575

• mxm0z / awesome-intelligence-writing

  Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc

  awesomeawesome-listcyber-threat-intelligenceintelligenceintelligence-analysisreportingthreat-intelligencethreat-reportsthreatintelwritingwritings
  532

• mitre-attack / attack-website

  MITRE ATT&CK Website

  cybersecuritymitre-corporationcyber-threat-intelligencemitre-attackcti
  Language:HTML 503

• mitre-attack / mitreattack-python

  A python module for working with ATT&CK

  cybersecuritycyber-threat-intelligencemitre-corporationctimitre-attackpython
  Language:Python 501

• aw-junaid / Hacking-Tools

  This Repository is a collection of different ethical hacking tools and malware's for penetration testing and research purpose written in python, ruby, rust, c++, go and c.

  pythonalgorithmsartificial-intelligencebugbountycryptographycyber-threat-intelligencecybersecurity-projectsethical-hackinghacking-toolsmalwarenessusnetwork-monitoringnetwork-securitynmapportscannerpythonprojectsthreat-intelligencevirus-scanning
  Language:C 488

• center-for-threat-informed-defense / attack-control-framework-mappings

  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  cticyber-threat-intelligencemitre-attackcybersecuritynist800-53security-controlsctidthreat-informed-defenserisk-management
  Language:Python 488

• center-for-threat-informed-defense / tram

  TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

  ctidcyber-threat-intelligencethreat-informed-defensemitre-attackcybersecurity
  Language:Jupyter Notebook 464
• Cortex-Analyzers

  TheHive-Project / Cortex-Analyzers

  Cortex Analyzers Repository

  analyzercortexcyber-threat-intelligencedfirdigital-forensicsenrichmentfreefree-softwareincident-responseiocjsonobservableopen-sourcepythonthehive
  Language:Python 441

• oasis-open / cti-python-stix2

  OASIS TC Open Repository: Python APIs for STIX 2

  cticyber-threat-intelligencejsonoasispythonstixstix2
  Language:Python 376

• mitre-attack / attack-stix-data

  STIX data representing MITRE ATT&CK

  attackcticyber-threat-intelligencecybersecuritymitre-corporationstix
  Language:Python 357

• stanfrbd / cyberbro

  A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.

  blueteamcyber-threat-intelligencecybersecuritydfirdockerhashincident-responseinfoseciocipinfoosintosint-pythonpythonsecuritysecurity-toolsthreatthreat-huntingthreat-intelligencevirustotal
  Language:HTML 248

• center-for-threat-informed-defense / cti-blueprints

  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

  ctidcyber-threat-intelligencecybersecurityincident-responsemalware-analysismitre-attackthreat-actorsthreat-informed-defense
  Language:TypeScript 220

• duggytuxy / malicious_ip_addresses

  Lists of addresses of the most active C2, Botnets, Zombies, Scanners DST = France & Belgium

  botnetsddosipv4malwarezombiesipaddressesmaliciouscyber-threat-intelligencecybersecurity
  217

• eclecticiq / OpenTAXII

  TAXII server implementation in Python from EclecticIQ

  cticyber-threat-intelligencepythonstixtaxiitaxii-serverthreat-sharingthreatintel
  Language:Python 194

• jackaduma / SecBERT

  pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

  aptattentionbertbert-embeddingscyber-securitycyber-threat-intelligencecybersecuritydeep-learning-securitydeeplearningmachine-learning-securitynlpnlp-machine-learningsecuritysecurity-automationthreat-analysisthreat-detectionthreat-huntingthreat-intelligencetransformer-encodertransformers
  Language:Python 169

• travisbgreen / hunting-rules

  Suricata rules for network anomaly detection

  suricata-rulesuricataidsnsmthreat-huntingcybersecurityanomaly-detectioncyber-threat-intelligencenetwork-securitynetwork-monitoringlateral-movementthreat-intelligence
  155

• oasis-open / cti-stix-visualization

  OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships

  javascriptstixstix2jsonctioasiscyber-threat-intelligencevisualizationvisualizer
  Language:JavaScript 145

• center-for-threat-informed-defense / insider-threat-ttp-kb

  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

  ctidcyber-threat-intelligencecybersecurityinsider-threatmitre-attackthreat-informed-defense
  Language:Python 142

• intelowlproject / GreedyBear

  Threat Intel Platform for T-POTs

  cyber-threat-intelligencecybersecurityhacktoberfesthoneypotiocopen-sourcepythonthreat-intelligencethreatinteltpot
  Language:Python 139

• oasis-open / cti-taxii-server

  OASIS TC Open Repository: TAXII 2 Server Library Written in Python

  pythonpython-scripttaxiitaxii2ctioasiscyber-threat-intelligenceserver
  Language:Python 125

• oasis-open / cti-stix2-json-schemas

  OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

  antlrcticyber-threat-intelligencejsonjson-schemaoasisschemasstixstix2
  Language:ANTLR 119

• vlegoy / rcATT

  A python app to predict Att&ck tactics and techniques from cyber threat reports

  cyber-threat-intelligenceattackttpmulti-label-classification
  Language:Python 118

• center-for-threat-informed-defense / top-attack-techniques

  Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.

  ctidcyber-threat-intelligencecybersecuritymitre-attack
  Language:Vue 116

• oasis-open / cti-taxii-client

  OASIS TC Open Repository: TAXII 2 Client Library Written in Python

  pythontaxiitaxii2jsonctioasiscyber-threat-intelligenceclient
  Language:Python 113

• curated-intel / Initial-Access-Broker-Landscape

  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape

  cyber-threat-intelligencectiransomwaremalwaredarkwebiabinitial-access-brokerinitial-access-brokersinitialaccessinitial-access
  109

• gertjanbruggink / metrics

  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.

  cyber-securitycyber-threat-intelligencecybersecuritydecision-makingmetricssystemsthreat-informed
  108

• oasis-open / cti-documentation

  OASIS TC Open Repository: GitHub Pages site for STIX and TAXII

  oasisctistixstix2taxiitaxii2jsoncyber-threat-intelligence
  Language:SCSS 97

• OsmanKandemir / indicator-intelligence

  Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files.

  cticyber-analystcyber-intelligencecyber-securitycyber-threat-analystcyber-threat-huntingcyber-threat-intelligencedomainshacking-toolsiocmaliciousmalicious-domainsmalicious-ipsmalicious-linkmalicious-url-detectionmalware-researchsecurity-toolsthreat-intelligence
  Language:Python 94