blackberry/threat-research-and-intelligence external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

blackberry/threat-research-and-intelligence

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/blackberry/threat-research-and-intelligence)

Close

blackberry / threat-research-and-intelligenceView on GitHubMore

• External links
• Readme badge

BlackBerry Threat Research & Intelligence

☆99Oct 20, 2023Updated 2 years ago

Alternatives and similar repositories for threat-research-and-intelligence

Users that are interested in threat-research-and-intelligence are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• d3sre / IntelligentProcessLifecycle

  View on GitHub
  The Intelligent Process Lifecycle of Active Cyber Defenders
  ☆34Jan 1, 2023Updated 3 years ago
• cudeso / misp-tip-of-the-week

  View on GitHub
  A collection of tips for using MISP.
  ☆76Dec 11, 2024Updated last year
• sfakiana / SANS-CTI-Summit-2021

  View on GitHub
  Resources for SANS CTI Summit 2021 presentation
  ☆104Nov 8, 2023Updated 2 years ago
• haxrob / gtpdoor-scan

  View on GitHub
  ☆23Mar 17, 2024Updated 2 years ago
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 4 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• center-for-threat-informed-defense / cti-blueprints

  View on GitHub
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆288Mar 20, 2025Updated last year
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆165Nov 25, 2025Updated 5 months ago
• adulau / pdns-qof-server

  View on GitHub
  Passive DNS server interface compliant to "Common Output Format"
  ☆10Sep 19, 2016Updated 9 years ago
• williballenthin / viv-utils

  View on GitHub
  Utilities for working with vivisect
  ☆26Oct 1, 2025Updated 7 months ago
• MISP / PyMISPWarningLists

  View on GitHub
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆36Jan 8, 2026Updated 4 months ago
• 3c7 / yaramanager

  View on GitHub
  Simple yara rule manager
  ☆67Dec 27, 2022Updated 3 years ago
• hasherezade / mal_unpack_py

  View on GitHub
  Python wrappers for mal_unpack
  ☆37Sep 19, 2023Updated 2 years ago
• kirk-sayre-work / box-js

  View on GitHub
  A tool for studying JavaScript malware.
  ☆15Apr 20, 2026Updated 2 weeks ago
• stairwell-inc / threat-research

  View on GitHub
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Jan 31, 2024Updated 2 years ago
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• typosquatter / ail-typo-squatting

  View on GitHub
  Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems.
  ☆104Apr 30, 2025Updated last year
• silascutler / IntelDB

  View on GitHub
  Minimal Indicator Storage System
  ☆11Feb 8, 2021Updated 5 years ago
• jstnk9 / ETW-Almulahaza

  View on GitHub
  ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  ☆13Jun 24, 2022Updated 3 years ago
• tsale / Sigma_rules

  View on GitHub
  Sigma rules to share with the community
  ☆125Jan 29, 2025Updated last year
• CrowdStrike / MISP-tools

  View on GitHub
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆54Mar 20, 2026Updated last month
• cisagov / flare-misp-service

  View on GitHub
  Automate the regular transfer of AIS data into a MISP Server
  ☆10Jun 5, 2024Updated last year
• OllieJC / tbat

  View on GitHub
  Threat Box Assessment Tool
  ☆19Mar 5, 2026Updated 2 months ago
• ConnorShride / box-ps

  View on GitHub
  Powershell sandboxing utility
  ☆19Mar 2, 2026Updated 2 months ago
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆367Dec 4, 2025Updated 5 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• hashlookup / a-ray-grass

  View on GitHub
  a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…
  ☆14Aug 19, 2022Updated 3 years ago
• sebdraven / IOCmite

  View on GitHub
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Nov 9, 2022Updated 3 years ago
• zolderio / misp-to-sentinel

  View on GitHub
  Azure function to insert MISP data in to Azure Sentinel
  ☆33Oct 19, 2022Updated 3 years ago
• EXC3L-ONE / awesome-synapse

  View on GitHub
  List of Awesome Vertex Synapse Resources
  ☆28Aug 6, 2024Updated last year
• Cosive / cti-toolkit

  View on GitHub
  CERT Australia Cyber Threat Intelligence (CTI) Toolkit
  ☆15Nov 11, 2017Updated 8 years ago
• paladin316 / ThreatHunting

  View on GitHub
  This repo is where I store my Threat Hunting ideas/content
  ☆90Mar 20, 2026Updated last month
• COSSAS / sacti

  View on GitHub
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆14Oct 24, 2022Updated 3 years ago
• jasonsford / intel_collector

  View on GitHub
  Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.
  ☆31Nov 6, 2023Updated 2 years ago
• darkquasar / AIMOD2

  View on GitHub
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆90Sep 16, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• AhmetPayaslioglu / YaraRules

  View on GitHub
  ☆22Jun 2, 2023Updated 2 years ago
• StrangerealIntel / CyberThreatIntel

  View on GitHub
  Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
  ☆726Dec 26, 2022Updated 3 years ago
• cudeso / misp-scraper

  View on GitHub
  A web scraper to create MISP events and reports
  ☆17Jun 30, 2025Updated 10 months ago
• ninoseki / ioc-extractor

  View on GitHub
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆63Apr 11, 2026Updated 3 weeks ago
• marjatech / threatfox2misp

  View on GitHub
  Creating a Feed of MISP Events from ThreatFox (by abuse.ch)
  ☆19Jun 2, 2021Updated 4 years ago
• trellix-enterprise / ac3-threat-sightings

  View on GitHub
  A threat sighting collects the behavior of a real threats and the observables used during its engagement.
  ☆12Mar 29, 2022Updated 4 years ago
• curated-intel / Log4Shell-IOCs

  View on GitHub
  A collection of intelligence about Log4Shell and its exploitation activity.
  ☆184Mar 4, 2022Updated 4 years ago