intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.
☆41Mar 17, 2019Updated 6 years ago
Alternatives and similar repositories for intelligence-icons
Users that are interested in intelligence-icons are comparing it to the libraries listed below
Sorting:
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆104Dec 29, 2023Updated 2 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen☆17Apr 11, 2024Updated last year
- OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON☆52Apr 15, 2024Updated last year
- Tachikoma is a security alerting framework for human beings☆22Sep 7, 2018Updated 7 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆176Mar 23, 2021Updated 4 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23May 23, 2022Updated 3 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- A mapping of used malware names to commonly known family names☆62Feb 21, 2023Updated 3 years ago
- Collection of best practices to add OSINT into MISP and/or MISP communities☆65Sep 29, 2023Updated 2 years ago
- OASIS OpenC2 TC: Repository for submitting and reviewing OpenC2 use cases relevant to the work of the OpenC2 Language Subcommittee (LSC)☆30Apr 20, 2022Updated 3 years ago
- A Web Self Service Application for Generating OpenC2 Commands☆10Sep 26, 2019Updated 6 years ago
- ☆10Dec 28, 2015Updated 10 years ago
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- References for FIRST CTI 2019 Symposium presentation☆23Mar 19, 2019Updated 6 years ago
- ☆24Sep 28, 2022Updated 3 years ago
- Debian and Red Hat packaging for SIE DNS sensor☆15May 5, 2023Updated 2 years ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…☆15Dec 24, 2023Updated 2 years ago
- Enables Zeek to communicate with Tenzir☆11Jul 20, 2023Updated 2 years ago
- A Bro package to identify connections that are bursting (lots of data and transferring quickly).☆13Oct 15, 2020Updated 5 years ago
- certstream + analytics☆11Jan 17, 2020Updated 6 years ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆86Jan 11, 2024Updated 2 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆29Jun 11, 2020Updated 5 years ago
- The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…☆13Sep 21, 2025Updated 5 months ago
- Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.☆140May 23, 2023Updated 2 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- D4 core software (server and sample sensor client)☆43Dec 23, 2023Updated 2 years ago
- ☆14May 30, 2018Updated 7 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- provides a Suricata Eve output for Kafka with Suricate Eve plugin☆15Nov 25, 2021Updated 4 years ago
- A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB☆18Mar 15, 2024Updated last year
- Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings☆122Jul 12, 2021Updated 4 years ago
- Security Monitoring Resolution Categories☆138Nov 25, 2021Updated 4 years ago
- ☆34May 4, 2020Updated 5 years ago
- Tools used by CSIRT and especially in the scope of CNW☆18Updated this week
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation☆15Aug 17, 2018Updated 7 years ago
- Indices for courses in SANS' Network Security Operations curriculum☆17Feb 5, 2016Updated 10 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Apr 21, 2020Updated 5 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Nov 11, 2023Updated 2 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Apr 10, 2020Updated 5 years ago