threat-sharing

There are 11 repositories under threat-sharing topic.

rshipp / awesome-malware-analysis
Defund the Police.
analysis-framework automated-analysis awesome awesome-list chinese chinese-translation domain-analysis drop-ice dynamic-analysis list malware-analysis malware-collection malware-research malware-samples network-traffic static-analysis threat-intelligence threat-sharing threatintel
11042
MISP / MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
misp threat-sharing threat-hunting threatintel malware-analysis stix information-exchange fraud-management security cti cybersecurity fraud-detection fraud-prevention threat-analysis information-security information-sharing threat-intelligence threat-intelligence-platform intelligence threat-intel
Language:PHP 4968
cowrie / cowrie
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
cowrie honeypot ssh telnet security kippo cowrie-ssh telnet-honeypot sftp scp attacker threat-analysis threat-sharing threatintel decoy deception
Language:Python 4904
yeti-platform / yeti
Your Everyday Threat Intelligence
infosec threatintel threat-sharing threat-hunting enrichment intelligence dfir
Language:Python 1617
InQuest / ThreatIngestor
Extract and aggregate threat intelligence.
dfir fraud-detection indicators-of-compromise intelligence-gathering ioc malware-research misp osint security-tools soar threat-analysis threat-feeds threat-hunting threat-intelligence threat-intelligence-platform threat-sharing threatintel yara
Language:Python 781
ion-storm / sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
sysmon threatintel threat-hunting netsec sysinternals logging graylog graylog-plugin dfir threat-intelligence threat-sharing threat-analysis mitre-attack digitalforensics forensic-analysis forensicartifacts forensics siem sigma-rules humio
Language:PowerShell 748
InQuest / iocextract
Defanged Indicator of Compromise (IOC) Extractor.
ioc indicators-of-compromise library ioc-extractor defang threat-intelligence threat-sharing threatintel malware-research osint dfir base64 decoding yara
Language:Python 485
MISP / PyMISP
Python library using the MISP Rest API
misp api api-client threat-sharing threatintel
Language:Python 418
cloudtracer / ThreatPinchLookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
passivetotal cve osint threatintel threat-hunting chrome-extension security virustotal threatminer circl alienvault dfir censys misp cert whois incident-response shodan ibm-xforce threat-sharing
Language:HTML 333
sapphirex00 / Threat-Hunting
Personal compilation of APT malware from whitepaper releases, documents and own research
threat-hunting threat-intelligence threat-sharing threat-modeling collection malware malware-analysis malware-research yara-rules malware-detection
250
coolacid / docker-misp
A (nearly) production ready Dockered MISP
misp docker security security-tools threat-sharing threat-intelligence
Language:Shell 226
eclecticiq / OpenTAXII
TAXII server implementation in Python from EclecticIQ
taxii stix cti python taxii-server threatintel threat-sharing cyber-threat-intelligence
Language:Python 180
csirtgadgets / bearded-avenger
CIF v3 -- the fastest way to consume threat intelligence
security threatintel threat-hunting threat-sharing cif cifv3
Language:Python 176
harvard-itsecurity / docker-misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
misp dockerhub security information-security threat-sharing malware malware-analysis threat-intelligence
Language:Dockerfile 173
fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
indicators-of-compromise threat-intelligence threat-hunting threat-sharing grammar-parser threatintel cidr-range ipv4 iocs ioc-finder observable network-data cidr-ranges parse-urls grammars malware-research malware-analysis hacktoberfest
Language:Python 151
MISP / docker-misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
misp dockerhub security information-security threat-sharing malware malware-analysis threat-intelligence
Language:Dockerfile 102
eclecticiq / cabby
TAXII client implementation from EclecticIQ
stix taxii taxii-client cti python threatintel threat-sharing
Language:Python 95
adulau / misp-osint-collection
Collection of best practices to add OSINT into MISP and/or MISP communities
cyber-security misp osint threat-intelligence threat-sharing
Language:HTML 64
csirtgadgets / bearded-avenger-deploymentkit
CIFv3 DeploymentKit
threat-sharing security
Language:Shell 63
MISP / MISP-STIX-Converter
A utility repo to assist with converting between MISP and STIX formats
misp stix threat-sharing conversion
Language:Python 63
ioc-fang / ioc-fanger
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
threatintel threat-sharing ioc defang fang iocs indicators indicators-of-compromise malware malware-research hacktoberfest
Language:Python 52
MISP / best-practices-in-threat-intelligence
Best practices in threat intelligence
information-sharing misp threat-intelligence threat-sharing threatintel
Language:HTML 45
MISP / misp-rfc
Specifications used in the MISP project including MISP core format
misp misp-format misp-taxonomy threat-sharing information-exchange internet-draft standard protocol json-format
Language:HTML 45
karthikkbala / MISP-QRadar-Integration
The Project can be used to integrate QRadar with MISP Threat Sharing Platform
qradar misp threat-intelligence threat-sharing threatintel siem
Language:Python 36
Viralmaniar / DDWPasteRecon
DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's web exposure on the pastesites. It Utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats.
darkweb darkweb-hacking ddw attacksurface threat-intelligence threat-hunting threat-sharing iocs pastesites reconnaissance hacking-tools blueteam redteam redteaming redteam-tools blueteaming soc
Language:C# 36
csirtgadgets / csirtg-smrt-v1
the fastest way to consume threat intelligence.
security threat-sharing threatintel threat-hunting
Language:Python 27
csirtgadgets / verbose-robot
The Fastest way to consume Threat Intel
threatintel threat-hunting threat-sharing infosec cif csirtg
Language:Python 25
rodanmaharjan / ThreatIntelligence
Malicious IP source.
malicious-domains malware threat-intelligence cybersecurity threat-hunting trojan iocs phishing threatintel c2 cve cti threat-sharing
Language:Python 25
faisalusuf / ThreatIntelligence
Tracking APT IOCs
threat-intelligence threat-hunting threatintel threat-sharing
24
MISP / misp-takedown
A curses-style interface for automatic takedown notification based on MISP events.
abuse-detection information-sharing misp misp-api threat-intelligence threat-sharing
Language:Python 19
gnxsecurity / gnx-threat-intelligence
A commercial grade threat intelligence feed thats validated and updated every half hour.
threat-intelligence threat-sharing indicators-of-compromise blacklist blocklist malicious-traffic
Language:SuperCollider 18
yeti-platform / pyeti
Python bindings for Yeti's API
infosec threatintel threat-sharing threat-hunting enrichment api python intelligence
Language:Python 17
KaanSK / Go-MISPFeedGenerator
Golang implementation of PyMISP-feedgenerator
infosec threat-intelligence threatintel misp misp-api golang threat-sharing threatops iot cybsec cyber-threat-intelligence cybersecurity
Language:Go 16
TheWatchList
SCS-Labs / TheWatchList
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
threatview threat-intelligence threatintel threatintelligence threat-sharing threat threat-hunting threat-analysis threat-response threat-detection cyber-threat-coalition lists
13
ventz / docker-cif
CIFv3 Ubuntu 16.04 Docker Container (Bearded Avenger)
cifs security threat-sharing threat-hunting intelligence intel forensics forensic-analysis
Language:Shell 13
EC-DIGIT-CSIRC / MISP-ThreatExchange
Script to interface MISP with Facebook ThreatExchange
facebook-api misp threat-sharing
Language:Python 12

threat-sharing

rshipp / awesome-malware-analysis

MISP / MISP

cowrie / cowrie

yeti-platform / yeti

InQuest / ThreatIngestor

ion-storm / sysmon-config

InQuest / iocextract

MISP / PyMISP

cloudtracer / ThreatPinchLookup

sapphirex00 / Threat-Hunting

coolacid / docker-misp

eclecticiq / OpenTAXII

csirtgadgets / bearded-avenger

harvard-itsecurity / docker-misp

fhightower / ioc-finder

MISP / docker-misp

eclecticiq / cabby

adulau / misp-osint-collection

csirtgadgets / bearded-avenger-deploymentkit

MISP / MISP-STIX-Converter

ioc-fang / ioc-fanger

MISP / best-practices-in-threat-intelligence

MISP / misp-rfc

karthikkbala / MISP-QRadar-Integration

Viralmaniar / DDWPasteRecon

csirtgadgets / csirtg-smrt-v1

csirtgadgets / verbose-robot

rodanmaharjan / ThreatIntelligence

faisalusuf / ThreatIntelligence

MISP / misp-takedown

gnxsecurity / gnx-threat-intelligence

yeti-platform / pyeti

KaanSK / Go-MISPFeedGenerator

SCS-Labs / TheWatchList

ventz / docker-cif

EC-DIGIT-CSIRC / MISP-ThreatExchange