A curated list of awesome malware analysis tools and resources.
-
Updated
Nov 5, 2019 - 622 commits
#
threatintel
- Sign up for GitHub or sign in to edit this page
Here are 119 public repositories matching this topic...
SpiderFoot, the most complete OSINT collection and reconnaissance tool.
-
Updated
Nov 5, 2019 - 1 commits
- Python
Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
-
Updated
Nov 4, 2019 - 246 commits
- Python
Sysmon configuration file template with default high-quality event tracing
-
Updated
Nov 4, 2019 - 145 commits
Phishing catcher using Certstream
-
Updated
Nov 4, 2019 - 66 commits
- Python
rozie
commented
May 22, 2018
Description
Package uwsgi from Ubuntu repo is advised in production usage, but it is too old and won't work. File yeti_uwsgi.service has -w switch which is absent in this package.
Pip version works, probably it's sufficient to add uwsgi to requirements.txt
Environment
| Question | Answer |
|---|---|
| OS version | Ubuntu 16.04 LTS |
The Correlated CVE Vulnerability And Threat Intelligence Database API
-
Updated
Nov 4, 2019 - 79 commits
- Python
1
ufth
commented
May 6, 2019
proxycheck.io is very convenient service for detecting proxies with sane updated database. it has some interesting fields in its responses (see below)
without API key everyone gets 100 queries per day:
curl -s 'http://proxycheck.io/v2/37.60.48.2?risk=1&vpn=1&seen=1&port=1' | jq
{
"status": "ok",
"37.60.48.2": {
"proxy": "yes",
"type": "VPAdvanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
-
Updated
Oct 31, 2019 - 410 commits
- Batchfile
Powerful plugins and add-ons for hackers
-
Updated
Nov 4, 2019 - 33 commits
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
-
Updated
Nov 3, 2019 - 116 commits
- HTML
Defanged Indicator of Compromise (IOC) Extractor.
-
Updated
Nov 3, 2019 - 187 commits
- Python
Extract and aggregate threat intelligence.
-
Updated
Nov 4, 2019 - 413 commits
- Python
Intelligence and Reconnaissance Package/Bundle installer.
-
Updated
Oct 31, 2019 - 65 commits
- Shell
Threat Feed Aggregation, Made Easy
-
Updated
Oct 18, 2019 - 67 commits
- Python
CIF v3 -- the fastest way to consume threat intelligence
-
Updated
Oct 31, 2019 - 692 commits
- Python
Multithreaded threat Intelligence gathering built with Python3
-
Updated
Oct 27, 2019 - 115 commits
- Python
sirbod2005
commented
Feb 27, 2018
As most of us will be sitting behind a firewall, it would be useful to know the IPs/Host names and ports this plugin uses so we can open up our firewalls for only what is required.
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
-
Updated
Oct 31, 2019 - 49 commits
- Python
Domain name permutation engine written in Go
-
Updated
Nov 2, 2019 - 105 commits
- Go
MISP trainings, threat intel and information sharing training materials with source code
-
Updated
Nov 4, 2019 - 151 commits
- TeX
A dashboard for a real-time overview of threat intelligence from MISP instances
-
Updated
Nov 1, 2019 - 577 commits
- JavaScript
OSINT Threat Intel Interface - CLI for HoneyDB
-
Updated
Aug 14, 2019 - 43 commits
- Python
internet monitoring osint tool for windows
-
Updated
Sep 10, 2019 - 25 commits
- Visual Basic
aukjan
commented
Apr 18, 2018
Add the ability for using certificate-based authentication for the taxii-proxy command.
Hello everyone!
I have a few doubts on how events are handled across misp instances and Orgs. As I still haven't complete domain of the code and my curiosity is killing me, I'm coming here to ask help =]
Wil