Repository documenting how Threat Intelligence and/or a Threat Intelligence Platform can prove its value to an organisation.
☆53 Oct 23, 2024 Updated last year
Alternatives and similar repositories for proof-value-cti
Users that are interested in proof-value-cti are comparing it to the libraries listed below
- Interface LLMs from within MISP to extract TTPs and threat intel from CTI reports ☆18 Nov 13, 2023 Updated 2 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 Feb 6, 2025 Updated last year
- Indicators of Normality ☆11 Jul 22, 2022 Updated 3 years ago
- A small guide on Unknown/Orphaned SIDs and some PowerShell tools to help you get rid of them. ☆20 Mar 28, 2022 Updated 3 years ago
- Practical Information Sharing between Law Enforcement and CSIRT communities using MISP ☆35 Sep 18, 2023 Updated 2 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆117 Oct 29, 2024 Updated last year
- ☆15 Nov 25, 2021 Updated 4 years ago
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆43 Jan 20, 2026 Updated last month
- Repo that holds write-ups of various research projects I did and/or overall InfoSec things I investigated/researched. ☆22 Jan 5, 2025 Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆114 Nov 19, 2024 Updated last year
- CocktailParty is a data broker system based on phoenix framework ☆23 Apr 23, 2025 Updated 10 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on ☆83 Apr 27, 2024 Updated last year
- Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains … ☆10 Oct 17, 2023 Updated 2 years ago
- Cyber Underground General Intelligence Requirements ☆98 Feb 2, 2024 Updated 2 years ago
- ☆61 Jun 24, 2023 Updated 2 years ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure. ☆40 Oct 30, 2024 Updated last year
- ☆10 Mar 31, 2021 Updated 4 years ago
- List of links and resources referred to in my SANS OSINT Summit 2024 Talk "OSINT On The Russian Internet" ☆11 Feb 29, 2024 Updated 2 years ago
- Help deobfuscate VBScript ☆18 Jul 1, 2022 Updated 3 years ago
- Advanced Threat Hunting: Ransomware Group ☆29 Jul 9, 2025 Updated 7 months ago
- Presentations from Conferences ☆31 Sep 14, 2024 Updated last year
- ☆28 Jan 8, 2025 Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆57 Updated this week
- Summarize CTI reports with OpenAI ☆18 Feb 23, 2026 Updated last week
- Search an entire directory of .eml email files for a word or phrase... in over 100 languages. ☆12 Feb 28, 2023 Updated 3 years ago
- Public Chronicle Detection Rules ☆12 Apr 25, 2023 Updated 2 years ago
- Synapse Rapid Power-up for SinkDB ☆11 Jun 24, 2025 Updated 8 months ago
- Sandbox samples and monitor them with kunai ☆29 Jun 24, 2025 Updated 8 months ago
- The Threat Actor Profile Guide for CTI Analysts ☆116 Jul 15, 2023 Updated 2 years ago
- Small web frontend for using openAI's GPT-3.5 and GPT-4's API ☆59 Apr 9, 2025 Updated 10 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆282 Mar 20, 2025 Updated 11 months ago
- The Art of Pivoting - Techniques for Intelligence Analysts to Discover New Relationships in a Complex World ☆159 Dec 31, 2025 Updated 2 months ago
- SQL, IIS, Oh My... ☆22 Feb 24, 2025 Updated last year
- ☆33 Dec 10, 2024 Updated last year
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups ☆60 Oct 28, 2022 Updated 3 years ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR ☆16 Nov 7, 2025 Updated 3 months ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance. ☆15 May 12, 2023 Updated 2 years ago
- A collection of CVEs weaponized by ransomware operators ☆130 Oct 13, 2025 Updated 4 months ago
- Python 3 library to build YARA rules. ☆13 Oct 24, 2021 Updated 4 years ago