MISP / misp-sighting-server
MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indicators) in a space efficient way.
☆15Updated 10 months ago
Related projects ⓘ
Alternatives and complementary repositories for misp-sighting-server
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆22Updated 9 months ago
- A web scraper to create MISP events and reports☆14Updated last year
- ☆24Updated 2 years ago
- Easy way to create a MISP event related to a Phishing page☆17Updated last year
- Can you pay the ransom in your country?☆13Updated 10 months ago
- Yara rules☆19Updated last year
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- Threat Box Assessment Tool☆19Updated 3 years ago
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.☆27Updated 2 years ago
- ☆15Updated 2 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch)☆19Updated 3 years ago
- ☆14Updated last year
- SACTI - Securely aggregate CTI sightings and report them on MISP☆13Updated 2 years ago
- Integration between MISP platform and McAfee MVISION EDR☆14Updated 2 years ago
- Collection of scripts used to analyse malware or emails☆19Updated 4 years ago
- Low budget VirusTotal Intelligence Cosplay☆20Updated 2 years ago
- ☆14Updated 6 years ago
- Attempt to replicate the functions of auto_rip by Corey Harrell in Python.☆13Updated 3 months ago
- A Modular MWDB Utility to Collect Fresh Malware Samples☆34Updated 3 years ago
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- A tool to help malware analysts signature unique parts of RTF documents☆29Updated 9 months ago
- Generates YARA rules to detect malware using API hashing☆17Updated 3 years ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- Converts Sigma detection rules to a Splunk alert configuration.☆13Updated 3 years ago
- A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo☆30Updated 4 years ago
- ☆19Updated last year
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆30Updated last year
- ☆15Updated 3 years ago
- Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs.☆8Updated 5 years ago