MISP / threat-actor-intelligence-serverLinks
A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the known threat actors.
☆48Updated last year
Alternatives and similar repositories for threat-actor-intelligence-server
Users that are interested in threat-actor-intelligence-server are comparing it to the libraries listed below
Sorting:
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Updated 4 years ago
- ☆30Updated 6 years ago
- FireEye iSIGHT Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆16Updated 6 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- pollen - A command-line tool for interacting with TheHive☆35Updated 6 years ago
- Docker Container to deploy Mitre Caldera Automated Adversary Emulation System☆26Updated 4 years ago
- Searches for Insider Threat Hunting☆32Updated 6 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- ☆13Updated 5 years ago
- A tool to assess data quality, built on top of the awesome OSSEM.☆78Updated 3 years ago
- OSSEM Modular☆27Updated 5 years ago
- Threat Box Assessment Tool☆19Updated 3 years ago
- Compilation of resources to help with Adversary Simulation automation harness☆100Updated 4 years ago
- Automatic detection engineering technical state compliance☆55Updated last year
- THOR MITRE ATT&CK Framework Coverage☆24Updated 5 years ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs.☆17Updated 4 years ago
- A collection of typical false positive indicators☆55Updated 4 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆37Updated 2 years ago
- Recon Hunt Queries☆77Updated 4 years ago
- Website crawler with YARA detection☆88Updated last year
- Triage automation for suspect URLs☆13Updated 6 years ago
- Site for IWS book content☆18Updated 6 years ago
- BlueSploit is a DFIR framework with the main purpose being to quickly capture artifacts for later review.☆32Updated 5 years ago
- Cyber Analytics Platform and Examination System (CAPES) Project Page☆14Updated 3 years ago
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆87Updated 2 years ago
- ☆77Updated 6 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆45Updated 3 years ago