Scripts for accessing and transforming cyber threat intelligence
☆26Nov 22, 2015Updated 10 years ago
Alternatives and similar repositories for cti-scripts
Users that are interested in cti-scripts are comparing it to the libraries listed below
Sorting:
- FireEye Alert json files to MISP Malware information sharing plattform (Alpha)☆32Jun 11, 2017Updated 8 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Sep 29, 2021Updated 4 years ago
- Script for pulling events from a MISP database and converting them to Autofocus queries.☆13Dec 28, 2015Updated 10 years ago
- Extract information from MISP via the API☆16Jul 18, 2016Updated 9 years ago
- Exporting MISP event attributes to yara rules usable with Thor apt scanner☆24Mar 27, 2017Updated 8 years ago
- Parse a report and import the events into MISP☆30Oct 19, 2015Updated 10 years ago
- Enables dynamic translation of structured data between formats☆14Dec 14, 2018Updated 7 years ago
- Python script that gets IOC from MISP and converts it into BRO intel files.☆13Apr 17, 2016Updated 9 years ago
- Validate IOC from MISP ; Export results and iocs to SIEM and sensors using syslog and CEF format☆14Sep 13, 2016Updated 9 years ago
- Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.☆15May 12, 2023Updated 2 years ago
- A collection of bro_scripts and signatures☆27Jun 26, 2019Updated 6 years ago
- A tool to convert MISP XML files (events and attributes) into graphs☆20May 13, 2017Updated 8 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20May 25, 2022Updated 3 years ago
- Automated threat intelligence collection with McAfee ATD, OpenDXL and MISP☆22Feb 21, 2020Updated 6 years ago
- SightingDB is a database for Sightings☆22Jun 21, 2023Updated 2 years ago
- Ops-Trust Platform - Portal☆21Aug 5, 2016Updated 9 years ago
- Golang Library to interact with your MISP instance☆22Sep 12, 2019Updated 6 years ago
- Threat Intel and Incident Reponse☆10Aug 29, 2018Updated 7 years ago
- Quick lookup files for SUNBURST Backdoor☆12Dec 15, 2020Updated 5 years ago
- Passive Bitcoin Project☆10Aug 10, 2015Updated 10 years ago
- Auxiliary scripts for Incident Response with ELK☆11Oct 7, 2015Updated 10 years ago
- ThreatTracker is a Python script designed to monitor and generate alerts on given sets of indicators of compromise (IOCs) indexed by a se…☆70Mar 9, 2015Updated 10 years ago
- Manage VT Alerts☆62Oct 4, 2016Updated 9 years ago
- Home to the ActorTrackr source code☆24Jun 21, 2017Updated 8 years ago
- set of entities for Maltego including common STIX objects and several flavors of kill chain.☆11May 6, 2015Updated 10 years ago
- Ponmocup Indicators of Compromise☆11Feb 4, 2016Updated 10 years ago
- ☆14May 14, 2018Updated 7 years ago
- Python client and module for Vulnerability-Lookup.☆14Dec 9, 2025Updated 2 months ago
- Some IR notes☆73Jul 23, 2016Updated 9 years ago
- Maltego Transform to put entities into MISP events☆28Jul 24, 2021Updated 4 years ago
- MISP Workbench☆28Oct 19, 2016Updated 9 years ago
- ARCHIVED ce1sus, a threat information database ARCHIVED☆28Dec 8, 2015Updated 10 years ago
- Enrich a host with open source security information☆27Oct 4, 2015Updated 10 years ago
- Pythonic way to work with the galaxies defined there: https://github.com/MISP/misp-galaxy☆20Feb 10, 2026Updated 2 weeks ago
- Fast Evidence Collector Toolkit is an incident response toolkit to collect evidences on a suspicious windows computer☆41Jul 29, 2020Updated 5 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- Threat Intelligence distribution☆31Dec 30, 2015Updated 10 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- ssdeep based clustering tool☆14Jan 17, 2016Updated 10 years ago