infobloxopen / threat-intelligence
☆64 · Updated 2 months ago
Alternatives and similar repositories for threat-intelligence:
Users that are interested in threat-intelligence are comparing it to the libraries listed below
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports (☆67 · Updated 2 months ago)
- Fast IOC and YARA Scanner (☆76 · Updated 4 years ago)
- A collection of tips for using MISP. (☆74 · Updated 2 months ago)
- (no description) (☆84 · Updated this week)
- Sample programs to access the API (☆76 · Updated this week)
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements (☆115 · Updated last year)
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents (☆38 · Updated 9 months ago)
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… (☆101 · Updated 4 months ago)
- Import CrowdStrike Threat Intelligence into your instance of MISP (☆42 · Updated 3 months ago)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆60 · Updated 9 months ago)
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats (☆53 · Updated this week)
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners (☆75 · Updated 3 months ago)
- This repository contains Splunk queries to hunt some anomalies (☆38 · Updated 2 years ago)
- A collection of various SIEM rules relating to malware family groups. (☆65 · Updated 7 months ago)
- Advanced Threat Hunting: Ransomware Group (☆19 · Updated 2 months ago)
- MISP to Sentinel integration (☆62 · Updated 2 months ago)
- The Threat Actor Profile Guide for CTI Analysts (☆104 · Updated last year)
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… (☆35 · Updated last month)
- Convert Sigma rules to LogRhythm searches (☆20 · Updated 2 years ago)
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. (☆109 · Updated 2 months ago)
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file (☆82 · Updated last week)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆65 · Updated 10 months ago)
- Building a consolidated RSS feed for articles about cyberattacks (☆65 · Updated this week)
- Azure function to insert MISP data in to Azure Sentinel (☆31 · Updated 2 years ago)
- An open source platform to support analysts to organise their case and tasks (☆65 · Updated this week)
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense (☆83 · Updated last year)
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. (☆51 · Updated 3 months ago)
- Open Threat-Informed Detection Engineering (☆37 · Updated last month)
- A tool that allows you to document and assess any security automation in your SOC (☆45 · Updated 3 months ago)
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project (☆52 · Updated 2 weeks ago)