certtools / intelmqLinks
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
☆1,043Updated last week
Alternatives and similar repositories for intelmq
Users that are interested in intelmq are comparing it to the libraries listed below
Sorting:
- FAME Automates Malware Evaluation☆898Updated last month
- Your Everyday Threat Intelligence☆1,860Updated 3 weeks ago
- Extract and aggregate threat intelligence.☆865Updated last year
- CRITs - Collaborative Research Into Threats☆902Updated 5 years ago
- Cortex Analyzers Repository☆460Updated this week
- DPS' Lightweight Investigation Notebook☆430Updated last year
- A collection of sources of indicators of compromise.☆864Updated 3 weeks ago
- Python library using the MISP Rest API☆463Updated 2 weeks ago
- Documentation of TheHive☆397Updated last year
- Cortex: a Powerful Observable Analysis and Active Response Engine☆1,429Updated 7 months ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆465Updated 6 years ago
- MISP trainings, threat intel and information sharing training materials with source code☆408Updated this week
- Actionable analytics designed to combat threats☆986Updated 3 years ago
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆561Updated this week
- Cyber Analytics Repository☆939Updated 2 weeks ago
- Configuration files for the SOF-ELK VM☆1,590Updated 2 months ago
- Modular file scanning/analysis framework☆618Updated 5 years ago
- An information security preparedness tool to do adversarial simulation.☆1,123Updated 6 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆592Updated 11 months ago
- Open Source Security Events Metadata (OSSEM)☆1,269Updated 2 years ago
- ☆1,073Updated 6 years ago
- Online hash checker for Virustotal and other services☆825Updated 2 months ago
- Incident Response Methodologies☆1,024Updated 6 years ago
- A collection of resources for Threat Hunters☆886Updated 7 months ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,156Updated last year
- Indicators from Unit 42 Public Reports☆711Updated last week
- Real-time, container-based file scanning at enterprise scale☆925Updated last week
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆354Updated this week
- Tool to extract indicators of compromise from security reports in PDF format☆435Updated 2 years ago
- The Python SDK for AlienVault OTX☆375Updated last year