csirt-tooling-org / csirt-tooling-best-practicesLinks
CSIRT Tooling: Best Practices in Developing, Maintaining and Distributing Open Source Tools
☆16Updated 3 years ago
Alternatives and similar repositories for csirt-tooling-best-practices
Users that are interested in csirt-tooling-best-practices are comparing it to the libraries listed below
Sorting:
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Updated 3 years ago
- Tools used by CSIRT and especially in the scope of CNW☆17Updated 2 weeks ago
- The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…☆13Updated 4 months ago
- External twitter feeder for AIL framework☆16Updated 2 years ago
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆11Updated 5 months ago
- A tool to generate datasets and models based on vulnerabilities descriptions from @Vulnerability-Lookup.☆23Updated last week
- Automate the regular transfer of AIS data into a MISP Server☆10Updated last year
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- A web scraper to create MISP events and reports☆17Updated 7 months ago
- misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based…☆17Updated 3 weeks ago
- ☆24Updated 3 years ago
- Notes for High Availability MISP in AWS☆19Updated 6 years ago
- Similarius is a Python library to compare web page and evaluate the level of similarity.☆23Updated 2 months ago
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Updated 3 weeks ago
- AIL project training materials☆39Updated 6 months ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.☆15Updated 2 years ago
- nmap/ndiff based scanner with template based notification system in case of infrastructure changes☆19Updated 7 years ago
- MISP sighting server is a fast sighting server to store and look-up sightings on attributes (network indicators, file hashes, system indi…☆15Updated 2 years ago
- Scripts to deploy and update MISP in air-gapped environments☆17Updated 2 weeks ago
- Incident Notification Platform by @NC3-LU☆11Updated this week
- Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suric…☆39Updated last week
- A curses-style interface for automatic takedown notification based on MISP events.☆20Updated 5 years ago
- Tool for automatic list generation of known TOR and VPN exit nodes☆29Updated 2 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP☆35Updated 2 years ago
- A privacy-aware exchange module to securely and privately share your indicators☆14Updated 8 years ago
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- CocktailParty is a data broker system based on phoenix framework☆23Updated 9 months ago
- Lua plugin to extract data from Wireshark and convert it into MISP format☆49Updated 2 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 4 years ago
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly…☆14Updated 3 years ago