Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
☆140May 23, 2023Updated 2 years ago
Alternatives and similar repositories for elasticintel
Users that are interested in elasticintel are comparing it to the libraries listed below
Sorting:
- Web interface to IntelMQ☆10Sep 10, 2025Updated 6 months ago
- certstream + analytics☆11Jan 17, 2020Updated 6 years ago
- An open source virus scan aggregation framework.☆25Apr 25, 2014Updated 11 years ago
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …☆10Jul 26, 2019Updated 6 years ago
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu…☆41Mar 17, 2019Updated 7 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆556May 9, 2023Updated 2 years ago
- Automated OpenDXL Output information via IntelMQ☆14Jul 20, 2017Updated 8 years ago
- Performs OCR on image files and scans them for matches to YARA rules☆42Oct 30, 2018Updated 7 years ago
- Your Everyday Threat Intelligence☆1,959Updated this week
- 16,432 Free Yara rules created by☆391Jun 1, 2019Updated 6 years ago
- Vuls Beater for Elasticsearch - connecting vuls☆17Dec 15, 2020Updated 5 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆83Aug 4, 2021Updated 4 years ago
- ANWI - All New Wireless IDS☆28Nov 28, 2025Updated 3 months ago
- CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set and forget service that will send you a daily report …☆10Oct 12, 2020Updated 5 years ago
- IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.☆1,116Feb 14, 2026Updated last month
- Mass Suricata rules creator, from a list of domain☆14Sep 14, 2018Updated 7 years ago
- Extracts indicators of compromise (IOCs), including domain names, IPv4 addresses, email addresses, and hashes, from text.☆11Dec 10, 2017Updated 8 years ago
- Listing subdomains about a main domain☆59May 9, 2018Updated 7 years ago
- AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project☆1,364Updated this week
- Virtual Machine for Adversary Emulation and Threat Hunting☆1,314Jan 22, 2025Updated last year
- Run DependencyCheck Against Your Orgs GitHub Repos.☆14Jan 5, 2018Updated 8 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- CRITs - Collaborative Research Into Threats☆911Jul 29, 2019Updated 6 years ago
- Real Time Threat Monitoring Tool☆114Nov 16, 2022Updated 3 years ago
- Create actionable data from your Vulnerability Scans☆1,396Dec 27, 2022Updated 3 years ago
- Use DNS to hunt for threats including DGAs☆15Jan 4, 2016Updated 10 years ago
- Collecting & Hunting for IOCs with gusto and style☆241Aug 1, 2021Updated 4 years ago
- A Python RESTful API framework for online malware analysis and threat intelligence services.☆368May 21, 2024Updated last year
- Hikeshi is a security incident response application that keeps documenting incidents simple, so you can focus on fighting fires.☆21Mar 6, 2023Updated 3 years ago
- A modular Python application to pull intelligence about malicious files☆123Dec 4, 2020Updated 5 years ago
- Community-based CybergON-powered Suricata rules☆12Jul 5, 2022Updated 3 years ago
- A platform to run private unannounced Honeypots as Tor Hidden Services (aka Onion Decoys) inside the Tor Network.☆25Aug 14, 2017Updated 8 years ago
- Query and report user logons relations from MS Windows Security Events☆243Aug 9, 2018Updated 7 years ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆808May 11, 2023Updated 2 years ago
- Main MineMeld documentation repo☆378Oct 3, 2017Updated 8 years ago
- TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…☆157Jun 13, 2025Updated 9 months ago
- This tool queries the emails that registered the domain and verifies if they were leaked in some data leak.☆67Oct 25, 2018Updated 7 years ago
- Easy automated vulnerability scanning, reporting and analysis☆709Jan 10, 2020Updated 6 years ago
- Exports MISP events to STIX and ingest into McAfee ESM☆15Feb 12, 2020Updated 6 years ago