There are 11 repositories under misp topic.
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
ThePhish: an automated phishing email analysis tool
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Extract and aggregate threat intelligence.
Clusters and elements to attach to MISP events or attributes (like threat actors)
Warning lists to inform users of MISP about potential false-positives or other information in indicators
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
Documentation of TheHive
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Modules for expansion services, enrichment, import and export in MISP and other tools.
A (nearly) production ready Dockered MISP
Security lists for SOC detections
A live dashboard for a real-time overview of threat intelligence from MISP instances
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Definition, description and relationship types of MISP objects
Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
An OpenTAXII Configuration for MISP
Import specific data sources into the Sigma generic and open signature format.
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services, and serverless technologies to continuously prevent, detect and respond to threats.