threat-intelligence

There are 162 repositories under threat-intelligence topic.

• smicallef / spiderfoot

  SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

  footprintingosintthreatintelpythoninfosecintelligence-gatheringosint-reconnaissancepentestingthreat-intelligencesecurity-toolsinformation-gatheringcybersecurityctiosint-frameworkattacksurfaceosint-toolhackinginformation-securityrecon
  Language:Python 15326

• rshipp / awesome-malware-analysis

  Defund the Police.

  analysis-frameworkautomated-analysisawesomeawesome-listchinesechinese-translationdomain-analysisdrop-icedynamic-analysislistmalware-analysismalware-collectionmalware-researchmalware-samplesnetwork-trafficstatic-analysisthreat-intelligencethreat-sharingthreatintel
  12983

• edoardottt / awesome-hacker-search-engines

  A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

  awesomeawesome-listhackingsearch-engineosintawesome-listsdnshacking-toolsexploitsecuritysecurity-toolswifi-networkbugbountyosint-toolvulnerabilitiesredteamredteamingcvehacktoberfestthreat-intelligence
  Language:Shell 9351

• blacklanternsecurity / bbot

  The recursive internet scanner for hackers. 🧡

  hackingneo4josintosint-frameworkpythonsubdomain-enumerationautomationreconcliscannerbugbountypentestingrecursionsubdomain-scannersubdomainsasmattack-surface-managementthreat-intelligencethreatinteleasm
  Language:Python 8964

• OpenCTI-Platform / opencti

  Open Cyber Threat Intelligence Platform

  cyberctithreat-intelligencesecurityintelligenceosintcybersecurity
  Language:TypeScript 7747

• MISP / MISP

  MISP (core software) - Open Source Threat Intelligence and Sharing Platform

  cticybersecurityfraud-detectionfraud-managementfraud-preventioninformation-exchangeinformation-securityinformation-sharingintelligencemalware-analysismispsecuritystixthreat-analysisthreat-huntingthreat-intelthreat-intelligencethreat-intelligence-platformthreat-sharingthreatintel
  Language:PHP 5917
• capa

  mandiant / capa

  The FLARE team's open-source tool to identify capabilities in executable files.

  malware-analysisreverse-engineeringbinary-analysisthreat-intelligencegsoc-2025
  Language:Python 5515

• elceef / dnstwist

  Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

  phishingtyposquattingdomainsdnsosintidnfuzzingthreat-huntinghomograph-attackscannerthreat-intelligencehomoglyph
  Language:Python 5372

• devsecops / awesome-devsecops

  An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

  devsecopsthreat-intelligencedevopspodcast
  5058

• fastfire / deepdarkCTI

  Collection of Cyber Threat Intelligence sources from the deep and dark web

  cticyberhunterdarkwebdeepwebthreat-intelligence
  4988
• IntelOwl

  intelowlproject / IntelOwl

  IntelOwl: manage your Threat Intelligence at scale

  security-toolspythonthreat-intelligenceiocincident-responsecyber-threat-intelligenceenrichmenthoneynetosintosint-pythonthreatintelmalware-analysismalware-analyzerintel-owlthreat-huntinghacktoberfestcyber-securitycybersecuritythreathuntingdfir
  Language:Python 4309
• teler

  teler-sh / teler

  Real-time HTTP Intrusion Detection

  threat-huntingthreat-intelligenceidsintrusion-detection-systemthreat-analyzergogolangintrusion-detectionintrusionthreatthreat-rulesanalyze-logsiocslogslog-analyzerlog
  Language:Go 3064

• Neo23x0 / signature-base

  YARA signature and IOC database for my scanners and tools

  anti-virusdfirhashiocscannersignaturethreat-huntingthreat-intelligenceyarayara-rules
  Language:YARA 2735
• Digital-Forensics-Guide

  mikeroyal / Digital-Forensics-Guide

  Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

  digitalforensicsdigitalforensicreadinessforensicssecurityforensics-toolsdigital-forensicsthreat-intelligenceintrusion-detectionmitre-attackdetection-engineeringnetwork-securityoffensive-securitycyber-securityport-scanningsiemalertingforensic-analysisforensics-investigationsosintdfir
  Language:Python 2248

• osintbrazuca / osint-brazuca

  Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

  osintbrasilhackingthreat-intelligencethreat-huntingthreatintel
  1797

• x0rz / phishing_catcher

  Phishing catcher using Certstream

  certificate-transparencyosintphishingthreat-intelligencethreatintel
  Language:Python 1758

• AmnestyTech / investigations

  Indicators of Compromise from Amnesty International's cyber investigations

  forensicsspywarethreat-huntingthreat-intelligence
  Language:Python 1618

• ninoseki / mitaka

  A browser extension for OSINT search

  chrome-extensionsecuritythreat-intelligenceosint
  Language:TypeScript 1567

• nshalabi / SysmonTools

  Utilities for Sysmon

  loggingmonitoringnetsecsysinternalssysmonthreat-huntingthreat-intelligencethreatintelwindows
  1512

• trickest / inventory

  Asset inventory of over 800 public bug bounty programs.

  bug-bountybugbountybugbountytipsfuzzinghackinginfosecosintosint-resourcesosint-toolpenetration-testingpentest-toolpentestingreconreconnaissancered-teamsecuritysecurity-toolssoftware-securitythreat-intelligence
  Language:Shell 1350

• Te-k / harpoon

  CLI tool for open source and threat intelligence

  osintosint-frameworkthreat-intelligencethreatintel
  Language:Python 1240
• ThePhish

  emalderson / ThePhish

  ThePhish: an automated phishing email analysis tool

  attackcyberdefensecybersecuritydetectiondigital-forensicsemailfreeincident-responseindicators-of-compromisemalwaremispphishingphishing-detectionpythonscriptthehivethehive4thehive4pythreat-intelligencewebapp
  Language:Python 1205

• BushidoUK / Ransomware-Tool-Matrix

  A resource containing all the tools each ransomware gangs uses

  cticybersecuritydetection-engineeringhackingosintransomwarethreat-huntingthreat-intelligencethreatintel
  1194

• tomchop / malcom

  Malcom - Malware Communications Analyzer

  dfirinfosecmalwaremalware-analysisnetwork-trafficpcapthreat-intelligence
  Language:Python 1158
• awesome-lists

  mthcht / awesome-lists

  Awesome Security lists for SOC/CERT/CTI

  blueteamhacktoolsredteamsecuritysocawesome-listctiiocblueteam-toolsdetectiondetection-engineeringdfirincident-responseiocsirsiemthreat-huntingthreat-intelligenceransomwarermm
  Language:YARA 1108

• alvin-tosh / Malware-Exhibit

  🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.

  cryptographycybersecurityencryption-decryptionethical-hackinginfoseckeyloggermalware-analysismalware-researchransomwarestealer-windowsthreat-huntingthreat-intelligencetrojanvirusmalwarenotpetya-malwarepetyaspywarewannacry-ransomwareapt
  Language:Assembly 1104

• toolswatch / vFeed

  The Correlated CVE Vulnerability And Threat Intelligence Database API

  cveovalthreat-intelligence-databasepythonvfeedcwecapecscapvulnerability-databasesvulnerability-detectionvulnerability-database-entryvulnerability-identificationthreatintelligence-gatheringexploitsvulnerabilityvulnerability-scannerscommon-vulnerability-exposurethreat-intelligencethreatintel
  Language:Python 948
• DaProfiler

  daprofiler / DaProfiler

  DaProfiler is an OSINT tool allowing you to collect certain information about yourself in order to rectify by rgpd requests the traces you may have left on the net. DaProfiler is indeed able to recover: Addresses, Social media accounts, e-mail addresses, mobile / landline number, jobs.

  osintsocial-mediasocial-networkinstagramemailfacebookskypepythonosint-pythonosint-toolsthreat-intelligencetracelabsintelligenceinformation-gatheringemailsfranceperson-search
  Language:Python 945

• osintbrazuca / osint-brazuca-regex

  Repositório criado com intuito de reunir expressões regulares dentro do contexto Brasil

  brasilbrazilhackingosintregexthreat-huntingthreat-intelligence
  937

• curated-intel / Ukraine-Cyber-Operations

  Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.

  ukraineosintctithreat-intelligenceiocsthreat-huntingyaramalware
  Language:YARA 922
• Watcher

  thalesgroup-cert / Watcher

  Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

  certificate-transparencycertstreamcybersecuritydjangoincident-responsemispmonitoringnltkosintosint-pythonphishingreactjsrss-bridgesecuritythehivethreat-detectionthreat-huntingthreat-intelligencewatcherwebapp
  Language:Python 906

• ninoseki / mihari

  A query aggregator for OSINT based threat hunting

  threat-huntingthreat-intelligenceosint
  Language:Ruby 887

• InQuest / ThreatIngestor

  Extract and aggregate threat intelligence.

  iocindicators-of-compromisethreatintelthreat-intelligenceosintdfirmalware-researchsecurity-toolsthreat-sharingthreat-feedsthreat-huntingmispfraud-detectionthreat-analysisintelligence-gatheringthreat-intelligence-platformyarasoar
  Language:Python 882

• A3sal0n / CyberThreatHunting

  A collection of resources for Threat Hunters

  threat-huntingdfircybersecurityincident-responsethreat-intelligence
  Language:Python 881
• opensquat

  atenreiro / opensquat

  The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

  blue-teamcybersecuritycybersquattingdomain-namedomain-squattinghomograph-attackinfosecmalwareosintphishingphishing-detectionphishing-domainspythonscannersecurity-toolsthreat-huntingthreat-intelligencetyposquatting
  Language:Python 876

• ion-storm / sysmon-config

  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.

  sysmonthreatintelthreat-huntingnetsecsysinternalslogginggrayloggraylog-plugindfirthreat-intelligencethreat-sharingthreat-analysismitre-attackdigitalforensicsforensic-analysisforensicartifactsforensicssiemsigma-ruleshumio
  Language:PowerShell 797