cyber-threat-intelligence

There are 53 repositories under cyber-threat-intelligence topic.

• mytechnotalent / Reverse-Engineering

  A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

  reverse-engineeringhackingx86x64assemblyassembly-languageassembly-language-programmingcybersecurityarmc-plus-plusassembly-x86-64cyber-securitycyber-threat-intelligencearm-assemblycreverse-engineering-tutorialmalwaregogolangrust
  Language:Assembly 9969
• IntelOwl

  intelowlproject / IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  security-toolspythonthreat-intelligenceiocincident-responsecyber-threat-intelligenceenrichmenthoneynetosintosint-pythonthreatintelmalware-analysismalware-analyzerintel-owlthreat-huntinghacktoberfestcyber-securitycybersecuritythreathuntingdfir
  Language:Python 3102

• mitre-attack / attack-navigator

  Web app that provides basic navigation and annotation of ATT&CK matrices

  cticyber-threat-intelligencemitre-attackmitre-corporationcybersecurity
  Language:TypeScript 1872

• mitre / cti

  Cyber Threat Intelligence Repository expressed in STIX 2.0

  attackcticyber-threat-intelligencestix
  1624

• center-for-threat-informed-defense / adversary_emulation_library

  An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

  ctidcybersecuritythreat-informed-defensemitre-attackred-teamcyber-threat-intelligenceadversary-emulationadversary-emulation-plans
  Language:C 1535

• mytechnotalent / Hacking-Windows

  A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

  hackingwindowsassemblyassemblercppcplusplusidaida-proidaproreverse-engineeringblue-teamtrainingtraining-materialstraining-materialcybersecurityhackcybercyber-threat-intelligencewin32apimicrosoft-windows
  Language:C 1290
• Cortex

  TheHive-Project / Cortex

  Cortex: a Powerful Observable Analysis and Active Response Engine

  responsedfiranalysisanalyzerthehiveenginescalapythonrestapisecurity-incidentsdigital-forensicsiocsobservablefreefree-softwareopen-sourceincident-responsecyber-threat-intelligencecortex
  Language:Scala 1240

• mitre-attack / car

  Cyber Analytics Repository

  cyber-analyticscyber-threat-intelligencecybersecuritymitre-corporation
  Language:Python 866

• mitre-attack / attack-scripts

  Scripts and a (future) library to improve users' interactions with the ATT&CK content

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporationpython
  Language:Python 573

• center-for-threat-informed-defense / attack-flow

  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

  cybersecurityctidmitre-attackcyber-threat-intelligencethreat-informed-defense
  Language:TypeScript 496

• center-for-threat-informed-defense / attack-control-framework-mappings

  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  cticyber-threat-intelligencemitre-attackcybersecuritynist800-53security-controlsctidthreat-informed-defenserisk-management
  Language:Python 467

• mitre-attack / attack-website

  MITRE ATT&CK Website

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporation
  Language:HTML 455
• Cortex-Analyzers

  TheHive-Project / Cortex-Analyzers

  Cortex Analyzers Repository

  thehiveanalyzercortexfreefree-softwareopen-sourceobservableiocjsonincident-responsedigital-forensicsdfircyber-threat-intelligencepythonenrichment
  Language:Python 412

• center-for-threat-informed-defense / tram

  TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

  ctidcyber-threat-intelligencethreat-informed-defensemitre-attackcybersecurity
  Language:Jupyter Notebook 389

• mitre-attack / mitreattack-python

  A python module for working with ATT&CK

  cticyber-threat-intelligencecybersecuritymitre-attackmitre-corporationpython
  Language:Python 367

• oasis-open / cti-python-stix2

  OASIS TC Open Repository: Python APIs for STIX 2

  pythonstixstix2cyber-threat-intelligencejsonctioasis
  Language:Python 349

• mitre-attack / attack-stix-data

  STIX data representing MITRE ATT&CK

  attackcticyber-threat-intelligencecybersecuritymitre-corporationstix
  Language:Python 281

• eclecticiq / OpenTAXII

  TAXII server implementation in Python from EclecticIQ

  taxiistixctipythontaxii-serverthreatintelthreat-sharingcyber-threat-intelligence
  Language:Python 180

• center-for-threat-informed-defense / cti-blueprints

  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

  ctidcyber-threat-intelligencecybersecurityincident-responsemalware-analysismitre-attackthreat-actorsthreat-informed-defense
  Language:TypeScript 157

• travisbgreen / hunting-rules

  Suricata rules for network anomaly detection

  suricata-rulesuricataidsnsmthreat-huntingcybersecurityanomaly-detectioncyber-threat-intelligencenetwork-securitynetwork-monitoringlateral-movementthreat-intelligence
  139

• jackaduma / SecBERT

  pretrained BERT model for cyber security text, learned CyberSecurity Knowledge

  aptattentionbertbert-embeddingscyber-securitycyber-threat-intelligencecybersecuritydeep-learning-securitydeeplearningmachine-learning-securitynlpnlp-machine-learningsecuritysecurity-automationthreat-analysisthreat-detectionthreat-huntingthreat-intelligencetransformer-encodertransformers
  Language:Python 132

• oasis-open / cti-stix-visualization

  OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships

  javascriptstixstix2jsonctioasiscyber-threat-intelligencevisualizationvisualizer
  Language:JavaScript 128

• center-for-threat-informed-defense / insider-threat-ttp-kb

  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

  cybersecurityctidmitre-attackcyber-threat-intelligenceinsider-threatthreat-informed-defense
  Language:Python 124

• intelowlproject / GreedyBear

  Threat Intel Platform for T-POTs

  honeypotthreat-intelligencecyber-threat-intelligencethreatintelcybersecurityopen-sourcepythonioctpothacktoberfest
  Language:Python 116

• oasis-open / cti-taxii-server

  OASIS TC Open Repository: TAXII 2 Server Library Written in Python

  pythonpython-scripttaxiitaxii2ctioasiscyber-threat-intelligenceserver
  Language:Python 112

• center-for-threat-informed-defense / top-attack-techniques

  Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.

  ctidcyber-threat-intelligencecybersecuritymitre-attack
  110

• curated-intel / Initial-Access-Broker-Landscape

  A visualized overview of the Initial Access Broker (IAB) cybercrime landscape

  cyber-threat-intelligencectiransomwaremalwaredarkwebiabinitial-access-brokerinitial-access-brokersinitialaccessinitial-access
  105

• vlegoy / rcATT

  A python app to predict Att&ck tactics and techniques from cyber threat reports

  cyber-threat-intelligenceattackttpmulti-label-classification
  Language:Python 104

• oasis-open / cti-stix2-json-schemas

  OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

  stixstix2ctioasiscyber-threat-intelligenceantlrjsonjson-schemaschemas
  Language:ANTLR 103

• oasis-open / cti-taxii-client

  OASIS TC Open Repository: TAXII 2 Client Library Written in Python

  pythontaxiitaxii2jsonctioasiscyber-threat-intelligenceclient
  Language:Python 103

• oasis-open / cti-documentation

  OASIS TC Open Repository: GitHub Pages site for STIX and TAXII

  oasisctistixstix2taxiitaxii2jsoncyber-threat-intelligence
  Language:SCSS 89

• OsmanKandemir / indicator-intelligence

  Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files.

  cyber-intelligencemalicious-domainsmalicious-ipsmalware-researchthreat-intelligencedomainsmaliciousmalicious-linkcyber-analystcyber-securitymalicious-url-detectionsecurity-toolscticyber-threat-analystcyber-threat-huntingcyber-threat-intelligenceioc
  Language:Python 84

• jackaduma / ThreatReportExtractor

  Extracting Attack Behavior from Threat Reports

  advanced-persistent-threatcyber-threat-intelligencecybersecuritydeep-learningdeeplearninggraphgraph-algorithmsmachine-learningmachine-learning-algorithmsnatural-language-processingnlpnlp-machine-learningnlp-parsingsecuritythreat-analysisthreat-intelligence
  Language:Python 73

• BushidoUK / Exploring-APT-campaigns

  Further investigation in to APT campaigns disclosed by private security firms and security agencies

  threatintelcticybersecuritycyber-threat-intelligence
  70

• center-for-threat-informed-defense / attack_to_veris

  🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  cybersecurityctidmitre-attackcyber-threat-intelligencethreat-informed-defenseveris
  Language:Python 69

• paulveillard / cybersecurity-SOAR

  A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).

  soarorchestrationorchestration-servicesscalabilityincident-responseincident-managementcyber-threat-intelligencesecurity-hardeningos-hardeningios-hackinghacking-toolssiemdesign-patternsscalable-applicationsincident-matrixcompliance-as-codecompliantregulatory
  68