Turn any blog into structured threat intelligence.
☆52 | Feb 27, 2026 | Updated this week
Alternatives and similar repositories for obstracts
Users that are interested in obstracts are comparing it to the libraries listed below
- Extract machine readable cyber threat intelligence from unstructured data (inc. PDFs, Word docs, and HTML pages) | ☆34 | Updated this week
- Firepit - STIX Columnar Storage | ☆18 | Jun 5, 2024 | Updated last year
- OpenCTI Add-On for Splunk | ☆13 | Jan 13, 2026 | Updated last month
- CocktailParty is a data broker system based on phoenix framework | ☆23 | Apr 23, 2025 | Updated 10 months ago
- ☆11 | Dec 9, 2025 | Updated 2 months ago
- Collect AWS logs and query them instantly with SQL! Open source CLI. No DB required. | ☆16 | Feb 10, 2026 | Updated 3 weeks ago
- Storage for the IOCs I collect | ☆11 | Mar 26, 2025 | Updated 11 months ago
- [ARCHIVED -- USE TXT2DETECTION] A command line tool that converts Sigma Rules into STIX 2.1 Objects. | ☆12 | Feb 19, 2026 | Updated last week
- Python 3 library to build YARA rules. | ☆13 | Oct 24, 2021 | Updated 4 years ago
- ☆15 | Aug 31, 2023 | Updated 2 years ago
- Automate the regular transfer of AIS data into a MISP Server | ☆10 | Jun 5, 2024 | Updated last year
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP. | ☆18 | Jun 16, 2025 | Updated 8 months ago
- Automated threat intel feed parsing and consolidation 💻👾🤖 | ☆40 | Updated this week
- ☆30 | Jan 13, 2026 | Updated last month
- CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taki… | ☆339 | Updated this week
- AIL project training materials | ☆39 | Updated this week
- 🐐 Intrusion Detection System | ☆17 | Jan 10, 2023 | Updated 3 years ago
- ☆48 | Feb 14, 2026 | Updated 2 weeks ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners | ☆117 | Oct 29, 2024 | Updated last year
- Interface LLMs from within MISP to extract TTPs and threat intel from CTI reports | ☆18 | Nov 13, 2023 | Updated 2 years ago
- ☆18 | Feb 2, 2026 | Updated last month
- AI-based implant feature | ☆25 | Apr 28, 2025 | Updated 10 months ago
- Lua plugin to extract data from Wireshark and convert it into MISP format | ☆49 | Oct 23, 2023 | Updated 2 years ago
- Convert Sigma rules to SIEM queries, directly in your browser. | ☆111 | Jan 24, 2026 | Updated last month
- A curated list of Awesome Threat Intelligence Blogs | ☆506 | Feb 16, 2026 | Updated 2 weeks ago
- Community Detection Signature Build and Distribution Pipeline for YARA, Suricata, Snort and Sigma | ☆27 | Jun 20, 2023 | Updated 2 years ago
- MISP Playbooks | ☆222 | Oct 14, 2025 | Updated 4 months ago
- ☆35 | Jan 30, 2025 | Updated last year
- Cleanup of older MISP events can require some work until now | ☆27 | Sep 13, 2025 | Updated 5 months ago
- Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems. | ☆102 | Apr 30, 2025 | Updated 10 months ago
- A minimal malware analysis sandbox for macOS | ☆34 | Feb 15, 2023 | Updated 3 years ago
- Repo for experimenting and testing MCP server builds for CTI-related research. | ☆27 | May 13, 2025 | Updated 9 months ago
- An open source platform to support analysts to organise their case and tasks | ☆126 | Updated this week
- Sublime rules for email attack detection, prevention, and threat hunting. | ☆348 | Updated this week
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. | ☆27 | Mar 20, 2025 | Updated 11 months ago
- RISKEN is a monitoring tool for visualizing security risks. | ☆24 | Feb 3, 2026 | Updated 3 weeks ago
- Open Source Platform for storing, organizing, and searching documents related to cyber threats | ☆169 | Nov 10, 2023 | Updated 2 years ago
- A map of the botnet attacking our server | ☆14 | Aug 24, 2017 | Updated 8 years ago
- Sandbox samples and monitor them with kunai | ☆29 | Jun 24, 2025 | Updated 8 months ago