44 results found Sort:

MISP
MISP MISP
1.4k
5.6k
agpl-3.0
278
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
cti misp stix security threatintel intelligence threat-intel cybersecurity threat-hunting threat-sharing fraud-detection threat-analysis fraud-management fraud-prevention malware-analysis information-sharing threat-intelligence information-exchange information-security threat-intelligence-platform
Created 2013-02-07
27,168 commits to 2.5 branch, last one 3 days ago
TheHive-Project
TheHive TheHive-Project
645
3.6k
agpl-3.0
171
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
api dfir free iocs misp rest scala agplv3 cortex thehive analyzer platform open-source orchestration investigations digital-forensics incident-response security-incidents incident-management incident-response-tooling
Created 2016-11-03
2,751 commits to main branch, last one 2 years ago
eset
malware-ioc eset
267
1.7k
bsd-2-clause
223
Indicators of Compromises (IOC) of our various investigations
ioc misp yara malware
Created 2014-03-13
246 commits to master branch, last one 6 days ago
Bert-JanP
Hunting-Queries-Detection-Rules Bert-JanP
258
1.4k
bsd-3-clause
66
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
kql mde mdi dfir misp azure infosec blueteam security sentinel zero-day cybersecurity threat-hunting defender-for-endpoint vulnerability-management
Created 2022-05-30
436 commits to main branch, last one 28 days ago
emalderson
ThePhish emalderson
180
1.2k
agpl-3.0
17
ThePhish: an automated phishing email analysis tool
free misp email attack python script webapp malware thehive phishing thehive4 detection thehive4py cyberdefense cybersecurity digital-forensics incident-response phishing-detection threat-intelligence indicators-of-compromise
Created 2021-09-27
18 commits to master branch, last one 8 months ago
thalesgroup-cert
Watcher thalesgroup-cert
132
903
agpl-3.0
38
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
misp nltk osint django webapp reactjs thehive watcher phishing security certstream monitoring rss-bridge osint-python cybersecurity threat-hunting threat-detection incident-response threat-intelligence certificate-transparency
Created 2020-09-01
451 commits to master branch, last one 25 days ago
InQuest
ThreatIngestor InQuest
137
853
gpl-2.0
40
Extract and aggregate threat intelligence.
ioc dfir misp soar yara osint threatintel threat-feeds security-tools threat-hunting threat-sharing fraud-detection threat-analysis malware-research threat-intelligence intelligence-gathering indicators-of-compromise threat-intelligence-platform
Created 2017-08-31
596 commits to master branch, last one about a year ago
Bert-JanP
Open-Source-Threat-Intel-Feeds Bert-JanP
68
654
bsd-3-clause
14
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
c2 ioc misp iocfeed malware phishing threat-hunting threat-intelligence
Created 2022-06-08
81 commits to main branch, last one 2 months ago
MISP
misp-warninglists MISP
177
561
unknown
31
Warning lists to inform users of MISP about potential false-positives or other information in indicators
dfir misp false-positive misp-warninglists network-forensics threat-intelligence
Created 2016-04-19
956 commits to main branch, last one a day ago
MISP
misp-galaxy MISP
271
558
other
48
Clusters and elements to attach to MISP events or attributes (like threat actors)
misp stix malware adversaries misp-galaxy threat-actors classification threat-hunting adversary-groups attack-patternon threat-intelligence information-exchange mitre-adversarial-tactics
Created 2016-02-27
4,311 commits to main branch, last one 11 days ago
MISP
PyMISP MISP
283
456
other
47
Python library using the MISP Rest API
api misp api-client threatintel threat-sharing
Created 2014-04-16
3,280 commits to main branch, last one 4 days ago
V1D1AN
S1EM V1D1AN
83
430
mit
17
This project is a SIEM with SIRP and Threat Intel, all in one.
n8n misp mwdb yara zeek sigma arkime cortex docker kibana malware opencti thehive filebeat logstash suricata zircolite velociraptor elasticsearch
Created 2021-05-11
638 commits to master branch, last one 4 months ago
OpenCTI-Platform
connectors OpenCTI-Platform
457
427
apache-2.0
15
OpenCTI Connectors
cti misp mitre-attack cybersecurity threat-intelligence
Created 2019-06-18
3,333 commits to master branch, last one 13 hours ago
TheHive-Project
TheHiveDocs TheHive-Project
279
396
agpl-3.0
46
Documentation of TheHive
api dfir free iocs misp rest cortex analyst thehive analyzer platform open-source documentation free-software thehive-project digital-forensics incident-response security-incidents administration-guide
This repository has been archived (exclude archived)
Created 2017-05-16
517 commits to master branch, last one about a year ago
MISP
misp-modules MISP
234
354
agpl-3.0
44
Modules for expansion services, enrichment, import and export in MISP and other tools.
cti misp osint expansion enrichment domaintools passive-dns misp-modules passivetotal threat-intelligence
Created 2016-02-17
2,588 commits to main branch, last one 24 days ago
MISP
x_old_misp_docker MISP
162
282
unknown
27
MISP Docker (XME edition)
misp misp-docker
Created 2018-06-01
237 commits to master branch, last one about a year ago
MISP
misp-book MISP
105
266
unknown
37
User guide of MISP
misp misp-book documentation information-sharing information-exchange
Created 2015-10-06
839 commits to main branch, last one 3 months ago
tenzir
threatbus tenzir
16
261
bsd-3-clause
25
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
cif ids cif3 misp zeek opencti sightings threat-bus threatintel threat-hunting opencti-connector threat-intelligence threat-intelligence-data
This repository has been archived (exclude archived)
Created 2019-01-31
857 commits to main branch, last one 2 years ago
coolacid
docker-misp coolacid
92
231
gpl-3.0
17
A (nearly) production ready Dockered MISP
misp docker security security-tools threat-sharing threat-intelligence
Created 2019-11-25
255 commits to master branch, last one about a year ago
MISP
misp-dashboard MISP
63
201
agpl-3.0
36
A live dashboard for a real-time overview of threat intelligence from MISP instances
misp dashboard threatintel cybersecurity cyber-security threat-intelligence
Created 2017-10-25
607 commits to main branch, last one about a year ago
MISP
misp-playbooks MISP
22
189
bsd-2-clause
10
MISP Playbooks
cti misp playbooks cyber-security misp-playbooks threat-intelligence
Created 2023-01-30
94 commits to main branch, last one about a month ago
harvard-itsecurity
docker-misp harvard-itsecurity
44
175
bsd-3-clause
11
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
misp malware security dockerhub threat-sharing malware-analysis threat-intelligence information-security
Created 2016-09-27
59 commits to master branch, last one 4 years ago
MISP
MISP-maltego MISP
43
173
agpl-3.0
25
Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
misp graph attack maltego analysis pivoting transform misp-maltego mitre-attack threat-intel visualisation threat-intelligence
Created 2016-02-25
131 commits to master branch, last one 9 months ago
pe3zx
mthc pe3zx
37
170
mit
10
All-in-one bundle of MISP, TheHive and Cortex
dfir misp cortex thehive ioc-framework threat-hunting thehive-project incident-response incident-management threat-intelligence
Created 2019-07-15
40 commits to master branch, last one 2 years ago
davidonzo
Threat-Intel davidonzo
14
154
mit
8
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
misp stix cybox osint stix2 taxii taxii2 misp-feed threat-intel cybersecurity threat-intelligence malware-analisys-lab incident-response-service
Created 2019-05-09
9,893 commits to master branch, last one 5 months ago
tylabs
dovehawk tylabs
24
123
mit
8
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
misp zeek bro-ids zeek-ids misp-sightings threat-hunting threat-intelligence
Created 2018-08-24
57 commits to master branch, last one 3 years ago
MISP
misp-objects MISP
127
96
other
28
Definition, description and relationship types of MISP objects
misp misp-objects information-sharing information-exchange
Created 2016-02-08
1,979 commits to main branch, last one 3 days ago
cerebrate-project
cerebrate cerebrate-project
19
87
agpl-3.0
14
Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
misp cerebrate cerebrate-project information-sharing security-automation
Created 2020-01-26
1,815 commits to main branch, last one 10 days ago
MISP
MISP-Taxii-Server MISP
30
81
bsd-3-clause
16
An OpenTAXII Configuration for MISP
misp stix taxii-hooks taxii-server information-sharing information-exchange
Created 2016-11-18
166 commits to master branch, last one 2 years ago
jonrau1
SyntheticSun jonrau1
16
77
gpl-3.0
6
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to cont...
aws misp kibana guardduty sagemaker automation serverless geolocation aws-security data-science elasticsearch aws-serverless security-tools machine-learning threat-detection anomaly-detection incident-response data-visualization security-automation threat-intelligence
Created 2020-04-21
90 commits to master branch, last one 3 years ago