MISP / misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
☆516Updated 2 weeks ago
Related projects: ⓘ
- Zeek-Formatted Threat Intelligence Feeds☆340Updated this week
- Cortex Analyzers Repository☆430Updated last month
- MISP trainings, threat intel and information sharing training materials with source code☆374Updated 2 weeks ago
- Extract and aggregate threat intelligence.☆820Updated 7 months ago
- Defanged Indicator of Compromise (IOC) Extractor.☆497Updated 3 weeks ago
- MISP Docker (XME edition)☆283Updated 9 months ago
- A set of Zeek scripts to detect ATT&CK techniques.☆550Updated 2 months ago
- Python library using the MISP Rest API☆434Updated last week
- Online hash checker for Virustotal and other services☆808Updated 4 months ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆513Updated 2 weeks ago
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆337Updated 2 weeks ago
- DFIRTrack - The Incident Response Tracking Application☆479Updated 2 weeks ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,126Updated last year
- Repository of YARA rules made by Trellix ATR Team☆560Updated 9 months ago
- Actionable analytics designed to combat threats☆964Updated 2 years ago
- User guide of MISP☆254Updated 11 months ago
- ReversingLabs YARA Rules☆744Updated last week
- Documentation of TheHive☆391Updated last year
- CyLR - Live Response Collection Tool☆622Updated 2 years ago
- A knowledge base of actionable Incident Response techniques☆601Updated 2 years ago
- Indicators from Unit 42 Public Reports☆696Updated last week
- This content is analysis and research of the data sources currently listed in ATT&CK.☆402Updated last year
- Sophos-originated indicators-of-compromise from published reports☆534Updated last week
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆966Updated this week
- OpenCTI Connectors☆364Updated this week
- Tools for hunting for threats.☆564Updated last year
- The Python SDK for AlienVault OTX☆354Updated 4 months ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆580Updated 9 months ago
- Zeek Log Cheatsheets☆282Updated last year
- A (nearly) production ready Dockered MISP☆226Updated 8 months ago