Cyber Threat Intelligence
☆80 · Dec 7, 2025 · Updated 5 months ago
Alternatives and similar repositories for CTI
Users that are interested in CTI are comparing it to the libraries listed below.
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ… ☆17 · Jun 25, 2025 · Updated 10 months ago
- ☆33 · Mar 24, 2026 · Updated 2 months ago
- Splunk Add-on for PowerShell provides field extraction for PowerShell event logs. ☆17 · Feb 1, 2021 · Updated 5 years ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … ☆27 · Jul 13, 2022 · Updated 3 years ago
- Augmentation to Machine Readable CTI ☆38 · Apr 22, 2026 · Updated last month
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and … ☆20 · Mar 24, 2026 · Updated 2 months ago
- Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions. ☆199 · May 12, 2026 · Updated last week
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here … ☆72 · Apr 3, 2024 · Updated 2 years ago
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv… ☆35 · Nov 15, 2025 · Updated 6 months ago
- ☆19 · Aug 6, 2021 · Updated 4 years ago
- A simple utility for stripping out either the SHA-1, MD5 or CRC values alone from the NSRL hash database ☆14 · Nov 19, 2021 · Updated 4 years ago
- The Art of Pivoting - Techniques for Intelligence Analysts to Discover New Relationships in a Complex World ☆180 · May 2, 2026 · Updated 3 weeks ago
- Living off the False Positive! ☆42 · Apr 3, 2026 · Updated last month
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD ☆10 · Nov 7, 2023 · Updated 2 years ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT… ☆45 · Jun 28, 2025 · Updated 10 months ago
- Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centra… ☆36 · Feb 1, 2022 · Updated 4 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE… ☆38 · May 28, 2025 · Updated 11 months ago
- Small web frontend for using OpenAI's GPT-3.5 and GPT-4's API ☆59 · May 13, 2026 · Updated last week
- Automatic Microsoft Sentinel Deployment ☆16 · Apr 1, 2025 · Updated last year
- Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict… ☆162 · May 6, 2026 · Updated 2 weeks ago
- ☆110 · Dec 9, 2025 · Updated 5 months ago
- ☆42 · Sep 16, 2022 · Updated 3 years ago
- Sentinel Threat Intelligence Upload Toolkit ☆18 · Jul 15, 2024 · Updated last year
- ☆25 · Jul 12, 2023 · Updated 2 years ago
- Extract machine readable cyber threat intelligence from unstructured data (inc. PDFs, Word docs, and HTML pages) ☆39 · Updated this week
- A cyber threat intelligence chatbot that ingested 2200+ reports from vx-underground. ☆33 · Apr 1, 2024 · Updated 2 years ago
- TCP over DNS tunnel b[l]ind written in go. ☆16 · Dec 22, 2024 · Updated last year
- Security Operations Center Multiple Purpose Tool, takes IP address input, conducts OSINT, conducts splunk, bro, fireeye, imperva, and fir… ☆23 · Jun 6, 2017 · Updated 8 years ago
- A Python-based tool that monitors dark web sources for mentions of specific organizations for Threat Monitoring. ☆25 · Apr 7, 2025 · Updated last year
- Git for me to put all my forensics stuff ☆23 · Sep 2, 2025 · Updated 8 months ago
- CHEF cookbook for automating provisioning of CTF competition and wargame challenge platforms ☆12 · Jan 5, 2016 · Updated 10 years ago
- Converts Sigma detection rules to a Splunk alert configuration. ☆117 · May 18, 2020 · Updated 6 years ago
- Search Engines ADs scanner - spotting malvertising in search engines has never been easier! ☆47 · Nov 10, 2025 · Updated 6 months ago
- ☆97 · Jan 7, 2026 · Updated 4 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds ☆33 · Feb 6, 2024 · Updated 2 years ago
- Yara rules ☆21 · Mar 27, 2023 · Updated 3 years ago
- Operation Fast Cash - Hidden Cobra’s AIX PowerPC malware dissected ☆25 · Dec 31, 2018 · Updated 7 years ago
- A repository dedicated to tracking ransomware families based on leaked builders. ☆22 · Apr 17, 2024 · Updated 2 years ago