intelshare / What_is_this_forum
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses request it. These threat feeds often refer to sources using terms like "hacker forum" or "underground forum" without specifying names.
☆11 · Updated last month
Alternatives and similar repositories for What_is_this_forum
Users that are interested in What_is_this_forum are comparing it to the libraries listed below
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners ☆96 · Updated 7 months ago
- Cyber Underground General Intelligence Requirements ☆93 · Updated last year
- ☆22 · Updated 2 years ago
- Pythia is a versatile query format designed to facilitate the discovery of malicious infrastructure by seamlessly converting into the syn… ☆33 · Updated 10 months ago
- CarbonBlack EDR detection rules and response actions ☆71 · Updated 9 months ago
- Actively hunt for attacker infrastructure by filtering Shodan results with URLScan data. ☆61 · Updated 11 months ago
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment. ☆101 · Updated 2 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on ☆82 · Updated last year
- Parses USB connection artifacts from offline Registry hives ☆99 · Updated last week
- R3D SSH Hunter: The Ultimate SSH Key and Bad Guy Tracker ☆12 · Updated 7 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆52 · Updated 6 months ago
- Linux Baseline and Forensic Triage Tool - BETA ☆55 · Updated 2 years ago
- The Threat Actor Profile Guide for CTI Analysts ☆107 · Updated last year
- ☆33 · Updated this week
- Data breaches, Leaks, Malwares Forums List <Please Use Vpn/TOR don't click on Link directly bad OPSEC> ☆52 · Updated 2 weeks ago
- Finding ClickFix and FakeCAPTCHA like it's 1999 ☆40 · Updated this week
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation. ☆51 · Updated 8 months ago
- Python based tool to extract forensic info from EventTranscript.db (Windows Diagnostic Data) ☆69 · Updated last year
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once? ☆51 · Updated 3 weeks ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆33 · Updated last month
- Advanced Threat Hunting: Ransomware Group ☆20 · Updated 6 months ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec… ☆31 · Updated 4 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… ☆124 · Updated last year
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file ☆85 · Updated 4 months ago
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier. ☆26 · Updated 2 years ago
- Track C2 servers, tools, and botnets over time by framework and location ☆40 · Updated 4 months ago
- A tool for fetching DFIR and other GitHub tools. ☆24 · Updated last month
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ☆48 · Updated last year
- Config files for my GitHub profile. ☆14 · Updated 2 years ago
- USN Journal full path builder ☆60 · Updated 9 months ago