MISP / misp-galaxyLinks
Clusters and elements to attach to MISP events or attributes (like threat actors)
☆586Updated last week
Alternatives and similar repositories for misp-galaxy
Users that are interested in misp-galaxy are comparing it to the libraries listed below
Sorting:
- Defanged Indicator of Compromise (IOC) Extractor.☆550Updated last year
- Indicators from Unit 42 Public Reports☆725Updated 2 months ago
- Python library using the MISP Rest API☆474Updated this week
- MISP trainings, threat intel and information sharing training materials with source code☆419Updated 4 months ago
- Extract and aggregate threat intelligence.☆882Updated last year
- Cortex Analyzers Repository☆468Updated 2 weeks ago
- Tool to extract indicators of compromise from security reports in PDF format☆436Updated 2 years ago
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆357Updated last week
- Repository of YARA rules made by Trellix ATR Team☆613Updated 7 months ago
- Online hash checker for Virustotal and other services☆835Updated 7 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆385Updated 3 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆609Updated last year
- YARA Rules I come across on the internet☆352Updated last year
- Cyber Analytics Repository☆964Updated 5 months ago
- The Python SDK for AlienVault OTX☆388Updated last year
- User guide of MISP☆278Updated 9 months ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆353Updated 4 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆717Updated 2 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆568Updated 10 months ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆468Updated 6 years ago
- ReversingLabs YARA Rules☆865Updated last week
- FAME Automates Malware Evaluation☆914Updated 2 weeks ago
- MITRE ATT&CK Website☆548Updated last week
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆335Updated 8 months ago
- OASIS TC Open Repository: Python APIs for STIX 2☆403Updated 5 months ago
- Actionable analytics designed to combat threats☆1,002Updated 3 years ago
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆1,088Updated last week
- A Python package to interact with the Mitre ATT&CK Framework☆477Updated 2 years ago
- Yara Rule Analyzer and Statistics☆389Updated 2 years ago
- Malware Configuration And Payload Extraction☆759Updated 11 months ago