JCyberSec / CTIURLScan
CTI-URLScan is a command line tool to enable analysts to search URLscan.io submissions. Pull screenshot and DOM content. As well as, automatic extraction of API items to allow for easier ingestion later on.
☆10Updated 4 years ago
Alternatives and similar repositories for CTIURLScan:
Users that are interested in CTIURLScan are comparing it to the libraries listed below
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- ☆24Updated 2 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- GreyNoise Maltego integration and transforms☆20Updated 2 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- Home to the ActorTrackr source code☆28Updated 7 years ago
- Use DNS to hunt for threats including DGAs☆15Updated 9 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 4 years ago
- Convert Wigle.net result from json to Kml☆15Updated 4 years ago
- Open source training materials for law-enforcement and organisations interested in DFIR.☆55Updated 2 months ago
- Yara scan Phishing Kit's Zip archive(s)☆57Updated 11 months ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- Searches for Insider Threat Hunting☆31Updated 5 years ago
- A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.☆21Updated 2 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆43Updated 3 years ago
- Site for IWS book content☆18Updated 6 years ago
- The Purpose of this research tool is to provide a Python client into RiskIQ API services.☆22Updated 4 years ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆56Updated 2 months ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- ☆33Updated 2 months ago
- CIRCL system forensic tools or a jumble of tools to support forensic☆42Updated 2 years ago
- Integration between MISP platform and McAfee MVISION EDR☆14Updated 3 years ago
- Converting data from services like Censys and Shodan to a common data model☆49Updated 6 months ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆31Updated 3 years ago
- Quick & Dirty DFIR scripts developed by Ebryx DFIR team to keep handy during field assignment☆14Updated 8 months ago
- Hashes of infamous malware☆26Updated last year
- ☆11Updated 4 years ago
- Quick script to build host or investigation timelines using Carbon Black Response☆12Updated 6 years ago