blackberry/threat-research-and-intelligence external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

blackberry/threat-research-and-intelligence

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/blackberry/threat-research-and-intelligence)

Close

blackberry / threat-research-and-intelligenceView on GitHubMore

• External links
• Readme badge

BlackBerry Threat Research & Intelligence

☆100Oct 20, 2023Updated 2 years ago

Alternatives and similar repositories for threat-research-and-intelligence

Users that are interested in threat-research-and-intelligence are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• d3sre / IntelligentProcessLifecycle

  View on GitHub
  The Intelligent Process Lifecycle of Active Cyber Defenders
  ☆33Jan 1, 2023Updated 3 years ago
• cudeso / misp-tip-of-the-week

  View on GitHub
  A collection of tips for using MISP.
  ☆76Dec 11, 2024Updated last year
• haxrob / gtpdoor-scan

  View on GitHub
  ☆23Mar 17, 2024Updated 2 years ago
• sfakiana / SANS-CTI-Summit-2021

  View on GitHub
  Resources for SANS CTI Summit 2021 presentation
  ☆104Nov 8, 2023Updated 2 years ago
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 3 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• MISP / PyMISPWarningLists

  View on GitHub
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Jan 8, 2026Updated 2 months ago
• center-for-threat-informed-defense / cti-blueprints

  View on GitHub
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆283Mar 20, 2025Updated last year
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆164Nov 25, 2025Updated 4 months ago
• adulau / pdns-qof-server

  View on GitHub
  Passive DNS server interface compliant to "Common Output Format"
  ☆10Sep 19, 2016Updated 9 years ago
• williballenthin / viv-utils

  View on GitHub
  Utilities for working with vivisect
  ☆26Oct 1, 2025Updated 5 months ago
• 3c7 / yaramanager

  View on GitHub
  Simple yara rule manager
  ☆67Dec 27, 2022Updated 3 years ago
• kirk-sayre-work / box-js

  View on GitHub
  A tool for studying JavaScript malware.
  ☆15Mar 20, 2026Updated last week
• hasherezade / mal_unpack_py

  View on GitHub
  Python wrappers for mal_unpack
  ☆37Sep 19, 2023Updated 2 years ago
• stairwell-inc / threat-research

  View on GitHub
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Jan 31, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• typosquatter / ail-typo-squatting

  View on GitHub
  Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems.
  ☆104Apr 30, 2025Updated 11 months ago
• silascutler / IntelDB

  View on GitHub
  Minimal Indicator Storage System
  ☆11Feb 8, 2021Updated 5 years ago
• tsale / Sigma_rules

  View on GitHub
  Sigma rules to share with the community
  ☆124Jan 29, 2025Updated last year
• jstnk9 / ETW-Almulahaza

  View on GitHub
  ETW-Almulahaza is a consumer python-based tool that help you monitor ETW events of the operating system
  ☆13Jun 24, 2022Updated 3 years ago
• CrowdStrike / MISP-tools

  View on GitHub
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆53Mar 20, 2026Updated last week
• cisagov / flare-misp-service

  View on GitHub
  Automate the regular transfer of AIS data into a MISP Server
  ☆10Jun 5, 2024Updated last year
• OllieJC / tbat

  View on GitHub
  Threat Box Assessment Tool
  ☆19Mar 5, 2026Updated 3 weeks ago
• ConnorShride / box-ps

  View on GitHub
  Powershell sandboxing utility
  ☆19Mar 2, 2026Updated 3 weeks ago
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆366Dec 4, 2025Updated 3 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• hashlookup / a-ray-grass

  View on GitHub
  a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…
  ☆14Aug 19, 2022Updated 3 years ago
• sebdraven / IOCmite

  View on GitHub
  Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert
  ☆37Nov 9, 2022Updated 3 years ago
• zolderio / misp-to-sentinel

  View on GitHub
  Azure function to insert MISP data in to Azure Sentinel
  ☆34Oct 19, 2022Updated 3 years ago
• EXC3L-ONE / awesome-synapse

  View on GitHub
  List of Awesome Vertex Synapse Resources
  ☆28Aug 6, 2024Updated last year
• Cosive / cti-toolkit

  View on GitHub
  CERT Australia Cyber Threat Intelligence (CTI) Toolkit
  ☆15Nov 11, 2017Updated 8 years ago
• paladin316 / ThreatHunting

  View on GitHub
  This repo is where I store my Threat Hunting ideas/content
  ☆89Mar 20, 2026Updated last week
• COSSAS / sacti

  View on GitHub
  SACTI - Securely aggregate CTI sightings and report them on MISP
  ☆14Oct 24, 2022Updated 3 years ago
• jasonsford / intel_collector

  View on GitHub
  Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.
  ☆31Nov 6, 2023Updated 2 years ago
• darkquasar / AIMOD2

  View on GitHub
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆90Sep 16, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• AhmetPayaslioglu / YaraRules

  View on GitHub
  ☆22Jun 2, 2023Updated 2 years ago
• StrangerealIntel / CyberThreatIntel

  View on GitHub
  Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
  ☆723Dec 26, 2022Updated 3 years ago
• cudeso / misp-scraper

  View on GitHub
  A web scraper to create MISP events and reports
  ☆17Jun 30, 2025Updated 9 months ago
• ninoseki / ioc-extractor

  View on GitHub
  An npm package for extracting common IoC (Indicator of Compromise) from a block of text
  ☆63Updated this week
• marjatech / threatfox2misp

  View on GitHub
  Creating a Feed of MISP Events from ThreatFox (by abuse.ch)
  ☆19Jun 2, 2021Updated 4 years ago
• curated-intel / Log4Shell-IOCs

  View on GitHub
  A collection of intelligence about Log4Shell and its exploitation activity.
  ☆184Mar 4, 2022Updated 4 years ago
• trellix-enterprise / ac3-threat-sightings

  View on GitHub
  A threat sighting collects the behavior of a real threats and the observables used during its engagement.
  ☆12Mar 29, 2022Updated 4 years ago