MISP / misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
☆567Updated 2 weeks ago
Alternatives and similar repositories for misp-warninglists:
Users that are interested in misp-warninglists are comparing it to the libraries listed below
- Cortex Analyzers Repository☆455Updated this week
- User guide of MISP☆266Updated 3 months ago
- A set of Zeek scripts to detect ATT&CK techniques.☆585Updated 9 months ago
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆354Updated last week
- MISP trainings, threat intel and information sharing training materials with source code☆406Updated this week
- Zeek-Formatted Threat Intelligence Feeds☆359Updated this week
- Extract and aggregate threat intelligence.☆859Updated last year
- The Python SDK for AlienVault OTX☆370Updated 11 months ago
- MISP Docker (XME edition)☆282Updated last year
- Python library using the MISP Rest API☆460Updated 2 weeks ago
- Repository of YARA rules made by Trellix ATR Team☆592Updated last month
- Defanged Indicator of Compromise (IOC) Extractor.☆528Updated 7 months ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆558Updated last week
- Threat Hunting queries for various attacks☆232Updated this week
- Online hash checker for Virustotal and other services☆824Updated last month
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆1,031Updated last week
- Taxonomies used in MISP taxonomy system and can be used by other information sharing tool.☆272Updated last week
- Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS☆155Updated 6 months ago
- A (nearly) production ready Dockered MISP☆231Updated last year
- Open Source Security Events Metadata (OSSEM)☆1,261Updated 2 years ago
- A knowledge base of actionable Incident Response techniques☆636Updated 2 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆374Updated 2 years ago
- Sophos-originated indicators-of-compromise from published reports☆578Updated 3 weeks ago
- Tools for hunting for threats.☆580Updated 6 months ago
- Actionable analytics designed to combat threats☆982Updated 2 years ago
- CyLR - Live Response Collection Tool☆674Updated 2 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,150Updated last year
- Indicators of Compromise