intelshare / What_is_this_forum
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses request it. These threat feeds often refer to sources using terms like "hacker forum" or "underground forum" without specifying names.
☆11 Updated 2 weeks ago
Alternatives and similar repositories for What_is_this_forum
Users that are interested in What_is_this_forum are comparing it to the libraries listed below
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆91 Updated 7 months ago
- Finding ClickFix and FakeCAPTCHA like it's 1999 ☆38 Updated this week
- CarbonBlack EDR detection rules and response actions ☆71 Updated 8 months ago
- ☆32 Updated this week
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker ☆12 Updated 7 months ago
- Cyber Underground General Intelligence Requirements ☆92 Updated last year
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆51 Updated 7 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆99 Updated last month
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data. ☆61 Updated 10 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆124 Updated last year
- ☆21 Updated 2 years ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆32 Updated 3 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on ☆82 Updated last year
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69 Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project ☆55 Updated 3 months ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier. ☆26 Updated last year
- The Threat Actor Profile Guide for CTI Analysts ☆107 Updated last year
- A tool for fetching DFIR and other GitHub tools. ☆24 Updated 2 weeks ago
- ☆22 Updated 4 months ago
- A preconfigured Velociraptor triage collector ☆52 Updated last week
- Parses USB connection artifacts from offline Registry hives ☆99 Updated 4 months ago
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… ☆33 Updated 9 months ago
- Data breaches, Leaks, Malwares Forums List <Please Use Vpn/TOR don't click on Link directly bad OPSEC> ☆52 Updated 2 weeks ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients. ☆28 Updated last week
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆85 Updated 3 months ago
- Forensics scripts aimed at automating & enhancing the Forensics Legend Eric Zimmerman's techniques, integrating the statistical detection… ☆18 Updated last year
- IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon. ☆64 Updated last year
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once? ☆43 Updated this week
- Quick ESXi Log Parser ☆20 Updated 4 months ago
- macOS Artifacts ☆29 Updated 3 months ago