blackberry / threat-research-and-intelligence
BlackBerry Threat Research & Intelligence
☆100 · Oct 20, 2023 · Updated 2 years ago
Alternatives and similar repositories for threat-research-and-intelligence
Users that are interested in threat-research-and-intelligence are comparing it to the libraries listed below
- A collection of tips for using MISP. ☆76 · Dec 11, 2024 · Updated last year
- The Intelligent Process Lifecycle of Active Cyber Defenders ☆33 · Jan 1, 2023 · Updated 3 years ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists ☆35 · Jan 8, 2026 · Updated last month
- Automate the regular transfer of AIS data into a MISP Server ☆10 · Jun 5, 2024 · Updated last year
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- ☆23 · Mar 17, 2024 · Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆281 · Mar 20, 2025 · Updated 10 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… ☆154 · Apr 25, 2022 · Updated 3 years ago
- Simple yara rule manager ☆66 · Dec 27, 2022 · Updated 3 years ago
- A repository of my own Sigma detection rules. ☆163 · Nov 25, 2025 · Updated 2 months ago
- Signatures and IoCs from public Volexity blog posts. ☆363 · Dec 4, 2025 · Updated 2 months ago
- Passive DNS server interface compliant to "Common Output Format" ☆10 · Sep 19, 2016 · Updated 9 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert ☆36 · Nov 9, 2022 · Updated 3 years ago
- Threat Box Assessment Tool ☆19 · Aug 15, 2021 · Updated 4 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch) ☆19 · Jun 2, 2021 · Updated 4 years ago
- Utilities for working with vivisect ☆26 · Oct 1, 2025 · Updated 4 months ago
- AIL project training materials ☆39 · Jul 17, 2025 · Updated 7 months ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi… ☆15 · Dec 24, 2023 · Updated 2 years ago
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly… ☆14 · Aug 19, 2022 · Updated 3 years ago
- ETW-Almulahaza is a consumer python-based tool that helps you monitor ETW events of the operating system ☆13 · Jun 24, 2022 · Updated 3 years ago
- This repository regroups the Yara Rules for the Unprotect Project ☆26 · Nov 19, 2020 · Updated 5 years ago
- Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems. ☆101 · Apr 30, 2025 · Updated 9 months ago
- The CRATOS proxy API integrates with your MISP instance and allows you to extract indicators that can be consumed by security components such… ☆13 · Sep 21, 2025 · Updated 4 months ago
- A web scraper to create MISP events and reports ☆17 · Jun 30, 2025 · Updated 7 months ago
- Minimal Indicator Storage System ☆11 · Feb 8, 2021 · Updated 5 years ago
- Best practices in threat intelligence ☆50 · Nov 6, 2022 · Updated 3 years ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text ☆59 · Oct 5, 2025 · Updated 4 months ago
- ☆22 · Jun 2, 2023 · Updated 2 years ago
- macOS triage is a python script to collect various macOS logs, artifacts, and other data. ☆25 · Mar 25, 2021 · Updated 4 years ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses ☆60 · Jan 18, 2023 · Updated 3 years ago
- This repo is where I store my Threat Hunting ideas/content ☆88 · May 9, 2023 · Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations ☆27 · Aug 19, 2022 · Updated 3 years ago
- MISP website (hugo-based) ☆25 · Jan 15, 2026 · Updated last month
- YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents. ☆27 · Dec 14, 2021 · Updated 4 years ago
- Script to pull newly-registered domains and check for similarity against a provided word list. ☆13 · Aug 2, 2020 · Updated 5 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP ☆14 · Oct 24, 2022 · Updated 3 years ago
- A tool for studying JavaScript malware. ☆15 · Feb 9, 2026 · Updated last week
- A tool to generate datasets and models based on vulnerabilities descriptions from @Vulnerability-Lookup. ☆23 · Updated this week
- Resources for SANS CTI Summit 2021 presentation ☆104 · Nov 8, 2023 · Updated 2 years ago