43 results found Sort:

MISP
MISP MISP
1.4k
5.4k
agpl-3.0
279
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
cti misp stix security threatintel intelligence threat-intel cybersecurity threat-hunting threat-sharing fraud-detection threat-analysis fraud-management fraud-prevention malware-analysis information-sharing threat-intelligence information-exchange information-security threat-intelligence-platform
Created 2013-02-07
26,469 commits to 2.5 branch, last one 4 hours ago
TheHive-Project
TheHive TheHive-Project
626
3.4k
agpl-3.0
171
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
api dfir free iocs misp rest scala agplv3 cortex thehive analyzer platform open-source orchestration investigations digital-forensics incident-response security-incidents incident-management incident-response-tooling
Created 2016-11-03
2,751 commits to main branch, last one 2 years ago
eset
malware-ioc eset
265
1.6k
bsd-2-clause
221
Indicators of Compromises (IOC) of our various investigations
ioc misp yara malware
Created 2014-03-13
236 commits to master branch, last one 8 days ago
Bert-JanP
Hunting-Queries-Detection-Rules Bert-JanP
234
1.3k
bsd-3-clause
64
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
kql mde mdi dfir misp azure infosec blueteam security sentinel zero-day cybersecurity threat-hunting defender-for-endpoint vulnerability-management
Created 2022-05-30
375 commits to main branch, last one 7 days ago
emalderson
ThePhish emalderson
174
1.2k
agpl-3.0
18
ThePhish: an automated phishing email analysis tool
free misp email attack python script webapp malware thehive phishing thehive4 detection thehive4py cyberdefense cybersecurity digital-forensics incident-response phishing-detection threat-intelligence indicators-of-compromise
Created 2021-09-27
18 commits to master branch, last one 3 months ago
thalesgroup-cert
Watcher thalesgroup-cert
125
865
agpl-3.0
39
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
misp nltk osint django webapp reactjs thehive watcher phishing security certstream monitoring rss-bridge osint-python cybersecurity threat-hunting threat-detection incident-response threat-intelligence certificate-transparency
Created 2020-09-01
412 commits to master branch, last one 14 days ago
InQuest
ThreatIngestor InQuest
135
831
gpl-2.0
41
Extract and aggregate threat intelligence.
ioc dfir misp soar yara osint threatintel threat-feeds security-tools threat-hunting threat-sharing fraud-detection threat-analysis malware-research threat-intelligence intelligence-gathering indicators-of-compromise threat-intelligence-platform
Created 2017-08-31
596 commits to master branch, last one about a year ago
Bert-JanP
Open-Source-Threat-Intel-Feeds Bert-JanP
57
566
bsd-3-clause
13
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
c2 ioc misp iocfeed malware phishing threat-hunting threat-intelligence
Created 2022-06-08
70 commits to main branch, last one 4 months ago
MISP
misp-warninglists MISP
173
534
unknown
32
Warning lists to inform users of MISP about potential false-positives or other information in indicators
dfir misp false-positive misp-warninglists network-forensics threat-intelligence
Created 2016-04-19
935 commits to main branch, last one 16 days ago
MISP
misp-galaxy MISP
259
532
other
47
Clusters and elements to attach to MISP events or attributes (like threat actors)
misp stix malware adversaries misp-galaxy threat-actors classification threat-hunting adversary-groups attack-patternon threat-intelligence information-exchange mitre-adversarial-tactics
Created 2016-02-27
4,150 commits to main branch, last one a day ago
MISP
PyMISP MISP
280
445
other
48
Python library using the MISP Rest API
api misp api-client threatintel threat-sharing
Created 2014-04-16
3,215 commits to main branch, last one 2 days ago
V1D1AN
S1EM V1D1AN
80
412
mit
18
This project is a SIEM with SIRP and Threat Intel, all in one.
n8n misp mwdb yara zeek sigma arkime cortex docker kibana malware opencti thehive filebeat logstash suricata zircolite velociraptor elasticsearch
Created 2021-05-11
638 commits to master branch, last one a day ago
TheHive-Project
TheHiveDocs TheHive-Project
280
392
agpl-3.0
48
Documentation of TheHive
api dfir free iocs misp rest cortex analyst thehive analyzer platform open-source documentation free-software thehive-project digital-forensics incident-response security-incidents administration-guide
This repository has been archived (exclude archived)
Created 2017-05-16
517 commits to master branch, last one about a year ago
OpenCTI-Platform
connectors OpenCTI-Platform
416
382
apache-2.0
17
OpenCTI Connectors
cti misp mitre-attack cybersecurity threat-intelligence
Created 2019-06-18
2,987 commits to master branch, last one 21 hours ago
MISP
misp-modules MISP
234
345
agpl-3.0
43
Modules for expansion services, enrichment, import and export in MISP and other tools.
cti misp osint expansion enrichment domaintools passive-dns misp-modules passivetotal threat-intelligence
Created 2016-02-17
2,539 commits to main branch, last one 2 days ago
MISP
x_old_misp_docker MISP
166
283
unknown
28
MISP Docker (XME edition)
misp misp-docker
Created 2018-06-01
237 commits to master branch, last one 11 months ago
MISP
misp-book MISP
103
259
unknown
38
User guide of MISP
misp misp-book documentation information-sharing information-exchange
Created 2015-10-06
837 commits to main branch, last one about a month ago
tenzir
threatbus tenzir
16
258
bsd-3-clause
26
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
cif ids cif3 misp zeek opencti sightings threat-bus threatintel threat-hunting opencti-connector threat-intelligence threat-intelligence-data
This repository has been archived (exclude archived)
Created 2019-01-31
857 commits to main branch, last one 2 years ago
coolacid
docker-misp coolacid
94
230
gpl-3.0
18
A (nearly) production ready Dockered MISP
misp docker security security-tools threat-sharing threat-intelligence
Created 2019-11-25
255 commits to master branch, last one 10 months ago
MISP
misp-dashboard MISP
65
194
agpl-3.0
37
A live dashboard for a real-time overview of threat intelligence from MISP instances
misp dashboard threatintel cybersecurity cyber-security threat-intelligence
Created 2017-10-25
607 commits to main branch, last one about a year ago
harvard-itsecurity
docker-misp harvard-itsecurity
44
175
bsd-3-clause
12
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
misp malware security dockerhub threat-sharing malware-analysis threat-intelligence information-security
Created 2016-09-27
59 commits to master branch, last one 4 years ago
MISP
misp-playbooks MISP
16
174
bsd-2-clause
10
MISP Playbooks
cti misp playbooks cyber-security misp-playbooks threat-intelligence
Created 2023-01-30
45 commits to main branch, last one about a month ago
MISP
MISP-maltego MISP
46
170
agpl-3.0
26
Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
misp graph attack maltego analysis pivoting transform misp-maltego mitre-attack threat-intel visualisation threat-intelligence
Created 2016-02-25
131 commits to master branch, last one 5 months ago
pe3zx
mthc pe3zx
37
169
mit
12
All-in-one bundle of MISP, TheHive and Cortex
dfir misp cortex thehive ioc-framework threat-hunting thehive-project incident-response incident-management threat-intelligence
Created 2019-07-15
40 commits to master branch, last one 2 years ago
davidonzo
Threat-Intel davidonzo
14
148
mit
9
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
misp stix cybox osint stix2 taxii taxii2 misp-feed threat-intel cybersecurity threat-intelligence malware-analisys-lab incident-response-service
Created 2019-05-09
9,893 commits to master branch, last one about a month ago
tylabs
dovehawk tylabs
24
121
mit
9
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
misp zeek bro-ids zeek-ids misp-sightings threat-hunting threat-intelligence
Created 2018-08-24
57 commits to master branch, last one 3 years ago
MISP
misp-objects MISP
125
91
other
28
Definition, description and relationship types of MISP objects
misp misp-objects information-sharing information-exchange
Created 2016-02-08
1,933 commits to main branch, last one 8 days ago
cerebrate-project
cerebrate cerebrate-project
17
84
agpl-3.0
16
Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
misp cerebrate cerebrate-project information-sharing security-automation
Created 2020-01-26
1,775 commits to main branch, last one 10 days ago
MISP
MISP-Taxii-Server MISP
30
80
bsd-3-clause
17
An OpenTAXII Configuration for MISP
misp stix taxii-hooks taxii-server information-sharing information-exchange
Created 2016-11-18
166 commits to master branch, last one 2 years ago
0xThiebaut
sigmai 0xThiebaut
5
77
eupl-1.2
10
Import specific data sources into the Sigma generic and open signature format.
ids misp siem sigma logging security monitoring signatures
Created 2020-04-27
15 commits to master branch, last one 2 years ago