Build software better, together

toolswatch / vFeed

The Correlated CVE Vulnerability And Threat Intelligence Database API

Python Updated Feb 10, 2018

activecm / rita

Real Intelligence Threat Analytics

rita network-traffic threat scanning offensive-countermeasures bro-ids blueteam security logs analytics analysis bhis beacon beacon-sniffer dns dns-tunneling dga

Go Updated Mar 29, 2019 5 issues need help

certtools / intelmq

444

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing prot…

cybersecurity threat ioc malware phishing cert csirt intelligence incident-response alerts feeds incident handling automation ihap python

Python Updated Mar 29, 2019 10 issues need help

SupportIntelligence / Icewater

271

16,432 Free Yara rules created by

yara malware-analysis cluster threat dna

Updated Oct 3, 2018

TonyPhipps / THRecon

161

Threat Hunting Reconnaissance Toolkit

PowerShell Updated Mar 29, 2019

krakow2600 / atomic-threat-coverage

122

Automatically generated actionable analytics designed to combat threats based on MITRE's ATT&CK.

Python Updated Mar 28, 2019 38 issues need help

Graylog2 / graylog-plugin-threatintel

114

Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases

graylog threat otx whois-information abuse graylog-plugin threatintel threat-score threat-analysis spamhaus whois whois-lookup

Java Updated Mar 20, 2019

rastrea2r / rastrea2r

91

Collecting & Hunting for IOCs with gusto and style

threat hunting ioc security-tools

Python Updated Mar 13, 2019

usnistgov / mobile-threat-catalogue

84

NIST/NCCoE Mobile Threat Catalogue

threat catalogue nist mobile

HTML Updated May 4, 2018

docbleach / DocBleach

75

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

security-tools java office pdf threat content-disarm-reconstruct security

Java Updated Dec 17, 2018 2 issues need help

t4d / StalkPhish

61

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

phishing phishing-sites threat-intelligence threat-hunting threatintel fraud-detection osint investigation phishing-kit scammers threat

Python Updated Mar 14, 2019

cyberark / SkyArk

41

SkyArk helps to discover, assess and secure the most privileged entities in AWS

cloud-security powershell security-tools privileges cloud aws admins attacker threat

PowerShell Updated Mar 12, 2019

monarc-project / MonarcAppFO

32

MONARC - Method for an Optimised aNAlysis of Risks by @CASES-LU

risk-analysis governance cases security monarc cybersecurity threat vulnerabilities risk-assessment risk-evaluation risk-treatment

Shell Updated Mar 21, 2019

MHaggis / app_splunk_sysmon_hunter

31

Splunk App to assist Sysmon Threat Hunting

sysmon splunk threat

Updated Mar 7, 2017

CERTCC / Vulnerability-Data-Archive

27

With the hope that someone finds the data useful, we're publishing an archive of almost all of the non-sensitive vuln…

vulnerability-data vulnerability vulnerability-notes cert vulnerability-report threat-intelligence threatintel threat-analysis threat cve

Updated Nov 6, 2018

TonyPhipps / SIEM

23

SIEM Tactics, Techiques, and Procedures

Updated Mar 23, 2019

jymcheong / SysmonResources

17

Consolidation of various resources related to Microsoft Sysmon & sample data/log

sysmon threat threat-hunting

Python Updated Mar 8, 2019

mohlcyber / OpenDXL-ATD-MISP

10

Automated threat intelligence collection with McAfee ATD, OpenDXL and MISP

atd misp atd-subscriber threat dxl opendxl mcafee-atd mcafee

Python Updated Aug 17, 2018

3c7 / aptmap

8

A map displaying threat actors from the misp-galaxy

apt advanced persistent threat intelligence misp

TypeScript Updated Mar 12, 2019

P1llus / getfeeds

7

Python malware intelligence feed

threat threatintel python-library python3 feeds

Python Updated Feb 16, 2017

srcclr / build-inspector

5

Inspect your builds to look for changes in filesystem, network traffic and running processes.

inspector machine vagrant vagrant-virtual-machine java-vm gradle threat suspicious-builds inspector-monitors vagrantfile

Ruby Updated Aug 10, 2018

SoulSec / resource-threat-hunting

5

Repository resource for threat hunter

threat threat-hunting threat-intelligence threatintel

Updated Sep 14, 2018

cyberdefenders / shenzi-banzai

3

Shenti Blockchain Security Threat Intelligence Tool

pulse blockchain-security threat

Python Updated Nov 20, 2018

dim0x69 / windows-hunting

3

windows event threat hunting eventid sysmon

Go Updated Apr 29, 2017

MainframeSkuzzy / threatwall

3

Threat intelligence sourced IPtables rule automation,dynamically synchronized using a git repository

threat intelligence iptables synchnronized threatintel alienvault otx

Python Updated Feb 6, 2018

DaemonShao / ThreatCollector

2

威胁情报采集系统

python threat scrapy-spider

Python Updated Jan 12, 2019

mahesh557 / packetmail

2

Packetmail.net Intel Lookup for IPs

threatintel threat-intelligence threat

Perl Updated Apr 21, 2017

Anamico / node-red-contrib-checkpoint

1

Node-RED nodes for talking to Checkpoint

checkpoint firewall security nodered node-red threat automation

JavaScript Updated Nov 29, 2018

Anamico / node-red-contrib-proofpoint

1

Node-RED nodes for talking to Proofpoint

proofpoint siem reputation security nodered node-red threat automation

JavaScript Updated Oct 21, 2018

SoulSec / Resource-Threat-Intelligence

1

Repository resource threat intelligence for SOC

threat intelligence threat-intelligence malware-samples

Updated Sep 14, 2018

threat

Repositories 44