misp

There are 12 repositories under misp topic.

• MISP / MISP

  MISP (core software) - Open Source Threat Intelligence and Sharing Platform

  cticybersecurityfraud-detectionfraud-managementfraud-preventioninformation-exchangeinformation-securityinformation-sharingintelligencemalware-analysismispsecuritystixthreat-analysisthreat-huntingthreat-intelthreat-intelligencethreat-intelligence-platformthreat-sharingthreatintel
  Language:PHP 5394
• TheHive

  TheHive-Project / TheHive

  TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  agplv3analyzerapicortexdfirdigital-forensicsfreeincident-managementincident-responseincident-response-toolinginvestigationsiocsmispopen-sourceorchestrationplatformrestscalasecurity-incidentsthehive
  Language:Scala 3450

• eset / malware-ioc

  Indicators of Compromises (IOC) of our various investigations

  iocmalwareyaramisp
  Language:YARA 1651

• Bert-JanP / Hunting-Queries-Detection-Rules

  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

  azuredefender-for-endpointdfirkqlsentinelthreat-huntingvulnerability-managementzero-dayblueteamcybersecuritymdemdiinfosecsecuritymisp
  Language:Python 1264
• ThePhish

  emalderson / ThePhish

  ThePhish: an automated phishing email analysis tool

  emaildetectionmalwarephishingcybersecuritymispthehivethehive4thehive4pyindicators-of-compromisecyberdefensephishing-detectionpythonincident-responsefreedigital-forensicsthreat-intelligencewebappattackscript
  Language:Python 1158
• Watcher

  thalesgroup-cert / Watcher

  Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

  certificate-transparencycertstreamcybersecuritydjangoincident-responsemispmonitoringnltkosintosint-pythonphishingreactjsrss-bridgesecuritythehivethreat-detectionthreat-huntingthreat-intelligencewatcherwebapp
  Language:Python 865

• InQuest / ThreatIngestor

  Extract and aggregate threat intelligence.

  iocindicators-of-compromisethreatintelthreat-intelligenceosintdfirmalware-researchsecurity-toolsthreat-sharingthreat-feedsthreat-huntingmispfraud-detectionthreat-analysisintelligence-gatheringthreat-intelligence-platformyarasoar
  Language:Python 832

• Bert-JanP / Open-Source-Threat-Intel-Feeds

  This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

  c2iociocfeedmalwaremispphishingthreat-huntingthreat-intelligence
  Language:Python 566

• MISP / misp-warninglists

  Warning lists to inform users of MISP about potential false-positives or other information in indicators

  dfirfalse-positivemispmisp-warninglistsnetwork-forensicsthreat-intelligence
  Language:Python 536

• MISP / misp-galaxy

  Clusters and elements to attach to MISP events or attributes (like threat actors)

  adversariesadversary-groupsattack-patternonclassificationinformation-exchangemalwaremispmisp-galaxymitre-adversarial-tacticsstixthreat-actorsthreat-huntingthreat-intelligence
  Language:Python 532

• MISP / PyMISP

  Python library using the MISP Rest API

  apiapi-clientmispthreat-sharingthreatintel
  Language:Python 445

• V1D1AN / S1EM

  This project is a SIEM with SIRP and Threat Intel, all in one.

  kibanaelasticsearchlogstashfilebeatsuricatazeekopenctimispmalwaresigmathehivedockercortexarkimemwdbn8nzircoliteyaravelociraptor
  Language:Shell 412
• TheHiveDocs

  TheHive-Project / TheHiveDocs

  Documentation of TheHive

  mispsecurity-incidentsiocsthehivecortexadministration-guideanalyzerrestapiincident-responsedigital-forensicsanalystdfirfreefree-softwaredocumentationopen-sourceplatformthehive-project
  393

• OpenCTI-Platform / connectors

  OpenCTI Connectors

  cybersecurityctithreat-intelligencemispmitre-attack
  Language:Python 382

• cloudtracer / ThreatPinchLookup

  Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

  passivetotalcveosintthreatintelthreat-huntingchrome-extensionsecurityvirustotalthreatminercirclalienvaultdfircensysmispcertwhoisincident-responseshodanibm-xforcethreat-sharing
  Language:HTML 361

• MISP / misp-modules

  Modules for expansion services, enrichment, import and export in MISP and other tools.

  misp-modulesmispexpansionpassivetotaldomaintoolspassive-dnsthreat-intelligenceosintctienrichment
  Language:Python 345

• MISP / x_old_misp_docker

  MISP Docker (XME edition)

  misp-dockermisp
  Language:Shell 283

• MISP / misp-book

  User guide of MISP

  mispdocumentationmisp-bookinformation-exchangeinformation-sharing
  Language:Shell 259

• tenzir / threatbus

  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

  cifcif3idsmispopenctiopencti-connectorsightingsthreat-busthreat-huntingthreat-intelligencethreat-intelligence-datathreatintelzeek
  Language:Python 258

• coolacid / docker-misp

  A (nearly) production ready Dockered MISP

  dockermispsecuritysecurity-toolsthreat-intelligencethreat-sharing
  Language:Shell 230

• MISP / misp-dashboard

  A live dashboard for a real-time overview of threat intelligence from MISP instances

  mispcybersecuritycyber-securitythreatintelthreat-intelligencedashboard
  Language:JavaScript 194

• harvard-itsecurity / docker-misp

  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

  mispdockerhubsecurityinformation-securitythreat-sharingmalwaremalware-analysisthreat-intelligence
  Language:Dockerfile 175

• MISP / misp-playbooks

  MISP Playbooks

  mispplaybooksmisp-playbookscticyber-securitythreat-intelligence
  Language:Jupyter Notebook 174

• MISP / MISP-maltego

  Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

  mispmaltegomisp-maltegoattackmitre-attacktransformpivotingvisualisationgraphanalysisthreat-intelligencethreat-intel
  Language:Python 170
• mthc

  pe3zx / mthc

  All-in-one bundle of MISP, TheHive and Cortex

  mispthehive-projectcortexthreat-intelligencethreat-huntingincident-responseincident-managementioc-frameworkdfirthehive
  169

• davidonzo / Threat-Intel

  Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS

  threat-intelligencecybersecurityincident-response-servicemispstixstix2taxiitaxii2cyboxmisp-feedthreat-intelmalware-analisys-labosint
  Language:Python 148

• tylabs / dovehawk

  Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

  bro-idsmispmisp-sightingsthreat-huntingthreat-intelligencezeekzeek-ids
  Language:Zeek 121

• MISP / docker-misp

  Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

  mispdockerhubsecurityinformation-securitythreat-sharingmalwaremalware-analysisthreat-intelligence
  Language:Dockerfile 105

• MISP / misp-objects

  Definition, description and relationship types of MISP objects

  mispmisp-objectsinformation-exchangeinformation-sharing
  Language:Python 91

• cerebrate-project / cerebrate

  Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.

  mispcerebrate-projectsecurity-automationcerebrateinformation-sharing
  Language:PHP 83

• MISP / MISP-Taxii-Server

  An OpenTAXII Configuration for MISP

  misptaxii-servertaxii-hooksinformation-exchangeinformation-sharingstix
  Language:Python 80
• sigmai

  0xThiebaut / sigmai

  Import specific data sources into the Sigma generic and open signature format.

  securitymonitoringsiemloggingsignaturesidsmispsigma
  Language:Go 77
• SyntheticSun

  jonrau1 / SyntheticSun

  SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

  threat-intelligencemachine-learninganomaly-detectionaws-securityaws-serverlessserverlessautomationgeolocationthreat-detectionguarddutysecurity-automationsecurity-toolsawssagemakerincident-responsekibanaelasticsearchdata-sciencedata-visualizationmisp
  Language:Python 76

• MISP / misp-cloud

  misp-cloud - Cloud-ready images of MISP

  mispmisp-cloud
  Language:Shell 72

• conix-security / BTG

  BTG's purpose is to make fast and efficient search on IOC

  iocmispvirustotal
  Language:Python 70

• MISP / mail_to_misp

  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

  mispmisp-apithreat-huntingthreat-intelligencethreatintel
  Language:Python 69