misp
There are 12 repositories under misp topic.
- Language:PHP 5212
- TheHive
TheHive-Project / TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Language:Scala 3337 - Language:YARA 1591
Bert-JanP / Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Language:Python 1136- ThePhish
emalderson / ThePhish
ThePhish: an automated phishing email analysis tool
Language:Python 1103 - Watcher
thalesgroup-cert / Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
Language:Python 845 InQuest / ThreatIngestor
Extract and aggregate threat intelligence.
Language:Python 813This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
Language:Python 537MISP / misp-galaxy
Clusters and elements to attach to MISP events or attributes (like threat actors)
Language:Python 511Warning lists to inform users of MISP about potential false-positives or other information in indicators
Language:Python 506- Language:Python 430
- Language:Shell 402
- TheHiveDocs
Documentation of TheHive
- Language:Python 356
cloudtracer / ThreatPinchLookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Language:HTML 340Modules for expansion services, enrichment, import and export in MISP and other tools.
Language:Python 336- Language:Shell 283
tenzir / threatbus
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
Language:Python 256- Language:Shell 253
coolacid / docker-misp
A (nearly) production ready Dockered MISP
Language:Shell 227A live dashboard for a real-time overview of threat intelligence from MISP instances
Language:JavaScript 192harvard-itsecurity / docker-misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Language:Dockerfile 174- mthc
Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
Language:Python 166- Language:Jupyter Notebook 163
davidonzo / Threat-Intel
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
Language:Python 145tylabs / dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
Language:Zeek 121Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Language:Dockerfile 104Definition, description and relationship types of MISP objects
Language:Python 91cerebrate-project / cerebrate
Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
Language:PHP 82An OpenTAXII Configuration for MISP
Language:Python 79- sigmai
0xThiebaut / sigmai
Import specific data sources into the Sigma generic and open signature format.
Language:Go 77 - SyntheticSun
jonrau1 / SyntheticSun
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.
Language:Python 76 - Language:Python 70
- Language:Shell 70
Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Language:Python 67
