intelshare / What_is_this_forum
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses request it. These threat feeds often refer to sources using terms like "hacker forum" or "underground forum" without specifying names.
☆11 Updated 2 months ago
Alternatives and similar repositories for What_is_this_forum:
Users that are interested in What_is_this_forum are comparing it to the libraries listed below
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker ☆12 Updated 6 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆88 Updated 6 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999 ☆35 Updated this week
- Data breaches, Leaks, Malwares Forums List <Please Use Vpn/TOR don't click on Link directly bad OPSEC> ☆51 Updated 2 months ago
- CarbonBlack EDR detection rules and response actions ☆71 Updated 8 months ago
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data. ☆61 Updated 9 months ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆55 Updated 2 months ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their… ☆26 Updated 5 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆123 Updated last year
- Cyber Underground General Intelligence Requirements ☆92 Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆68 Updated last year
- Advanced Threat Hunting: Ransomware Group ☆20 Updated 5 months ago
- Tools and scripts to deploy and manage OpenRelik instances ☆13 Updated 2 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆51 Updated 6 months ago
- Config files for my GitHub profile. ☆14 Updated 2 years ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆97 Updated 2 weeks ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆84 Updated 3 months ago
- The Threat Actor Profile Guide for CTI Analysts ☆106 Updated last year
- A tool for fetching DFIR and other GitHub tools. ☆23 Updated this week
- Linux Baseline and Forensic Triage Tool - BETA ☆55 Updated 2 years ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on ☆81 Updated last year
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆32 Updated 2 months ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier. ☆26 Updated last year
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. ☆23 Updated this week
- The SOLVE-IT knowledge base for digital forensics ☆27 Updated this week
- Parses USB connection artifacts from offline Registry hives ☆97 Updated 3 months ago
- Remote access and Antivirus Logging Database ☆42 Updated last year