MISP / data-processing
Scripts to process big chunks of data from MISP and do in depth correlations on samples.
☆12Updated 8 years ago
Related projects ⓘ
Alternatives and complementary repositories for data-processing
- MISP Workbench☆28Updated 8 years ago
- Extract information from MISP via the API☆15Updated 8 years ago
- Maltego Transform to put entities into MISP events☆26Updated 3 years ago
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Updated 8 years ago
- Enables dynamic translation of structured data between formats☆14Updated 5 years ago
- ssdeep based clustering tool☆14Updated 8 years ago
- A tool to convert MISP XML files (events and attributes) into graphs☆20Updated 7 years ago
- Python module to use the MISP Taxonomies☆29Updated 2 months ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆13Updated 8 years ago
- The ContactDB project was initiated to cover the need for a tool to maintain contacts for CSIRT teams☆37Updated 2 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Updated 7 years ago
- Tools☆13Updated last year
- Useful scripts, rules etc. for use with YARA☆27Updated 3 years ago
- Export MISP attributes in Yara☆12Updated 7 years ago
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Updated 7 years ago
- revised "peHash: A Novel Approach to Fast Malware Clustering"☆21Updated 8 years ago
- NSRL BloomFilter, Mandiant BloomFilter, Hyperloglog Malware Data Structure☆15Updated 10 years ago
- Python libary to normalize Yara signatures☆19Updated 4 years ago
- IntelMQ command line tool to process events and send out email notifications.☆9Updated last month
- Multiple rules for yara-project for detect compiler/packer/protector☆33Updated 4 years ago
- A Postfix filter which takes a piped message and submits it to Cuckoo Sandbox☆11Updated 8 years ago
- Automation for VirusTotal☆31Updated 8 years ago
- Home to the ActorTrackr source code☆24Updated 7 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Updated 5 years ago
- Command-line Interface for Binar.ly☆37Updated 7 years ago
- CRL Monitor - X.509 Certificate Revocation List monitoring and X.509/Subject caching☆33Updated 3 years ago
- API Tools☆27Updated 8 years ago
- A content inspecting SMTP proxy☆17Updated 10 years ago