csirtgadgets / cif-v5View external linksLinks
The FASTEST way to consume threat intel.
☆69May 10, 2023Updated 2 years ago
Alternatives and similar repositories for cif-v5
Users that are interested in cif-v5 are comparing it to the libraries listed below
Sorting:
- The Fastest way to consume Threat Intel☆26Apr 30, 2022Updated 3 years ago
- Proof-of-concept for phishing intelligence in Elastic☆15Apr 30, 2019Updated 6 years ago
- The FASTEST way to parse Email☆17Dec 24, 2021Updated 4 years ago
- CIF v3 -- the fastest way to consume threat intelligence☆183Apr 20, 2023Updated 2 years ago
- Synopsis is a tool to aid analysts reviewing browser history files by providing a high-level “synopsis” of key information.☆22Oct 31, 2018Updated 7 years ago
- service to convert nfcapd files clickhouse as they are created☆10Mar 22, 2025Updated 10 months ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆269Mar 17, 2023Updated 2 years ago
- Threat hunting in social media☆12Feb 17, 2019Updated 6 years ago
- Ripple20 Critical Vulnerabilities - Detection Logic and Signatures☆12May 28, 2021Updated 4 years ago
- Top DNS Measurement for Bro☆11Aug 22, 2020Updated 5 years ago
- CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set and forget service that will send you a daily report …☆10Oct 12, 2020Updated 5 years ago
- Blackcert monitors Certificate Transparency Logs for a keyword. Blackcert collects any certificate changes for this keyword and also chec…☆10Dec 8, 2022Updated 3 years ago
- Bro Detection Scripts☆10Mar 9, 2021Updated 4 years ago
- HoneyDB Python Module☆14Feb 6, 2024Updated 2 years ago
- 🚀 IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS …☆13Mar 27, 2024Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆104Dec 29, 2023Updated 2 years ago
- The UNOFFICIAL (but useful) Ruby gem for the Rapid7 InsightVM/Nexpose RESTful API☆13Sep 12, 2024Updated last year
- Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists☆35Jan 8, 2026Updated last month
- Useful resources for Zeek(https://zeek.org/) (Bro(http://bro.org/))☆31Apr 17, 2020Updated 5 years ago
- Random tips and tricks RE: ransomware☆14Aug 17, 2021Updated 4 years ago
- ☆16Apr 28, 2017Updated 8 years ago
- Reviews and tests of security products☆17Dec 28, 2024Updated last year
- A content inspecting SMTP proxy☆17Jun 9, 2014Updated 11 years ago
- DNS Dashboard for hunting and identifying beaconing☆16Jul 29, 2020Updated 5 years ago
- Splunk csv to KVStore ES Threat Intel☆11Jul 11, 2016Updated 9 years ago
- Cyber Threats Detection Rules☆14Sep 16, 2025Updated 4 months ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Oct 12, 2020Updated 5 years ago
- An active domain name query tool to help keep track of domain name movements...☆16Mar 28, 2021Updated 4 years ago
- Bring Your Own Mitre Att&ck © Matrix !☆13Oct 19, 2023Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Aug 30, 2022Updated 3 years ago
- Report Generation from the Carbon Black REST API☆15Mar 24, 2022Updated 3 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later☆20Feb 23, 2016Updated 9 years ago
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .☆68Oct 2, 2023Updated 2 years ago
- This repository contains various threat hunting tools written in Python and is documented in the series Python Threat Hunting Tools which…☆18Nov 16, 2023Updated 2 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆38May 28, 2025Updated 8 months ago
- Cyber Threat Intelligence Feeds☆70May 3, 2024Updated last year
- Cyber attack attribution is the process of attempting to trace back a piece of code or malware to a perpetrator of a cyberattack. As cybe…☆15Jan 15, 2021Updated 5 years ago
- Corelight@Home script☆45Oct 5, 2023Updated 2 years ago
- Public tools, scripts or code snippets that can help when working with our products☆46Updated this week