stricaud / TA-misp

Related projects: ⓘ

• dfirence / drone
  ☆40Updated this week
• cmatthewbrooks / pyiocutils
  A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
  ☆17Updated 5 years ago
• CERT-Bund / misp-warninglists-analyzer
  Checks observables/ioc in TheHive/Cortex against the MISP warningslists
  ☆13Updated 6 years ago
• CERT-Bund / yara-exporter
  Exporting MISP event attributes to yara rules usable with Thor apt scanner
  ☆22Updated 7 years ago
• neu5ron / WinLogsZero2Hero
  This is a repository from Adam Swan and I's presentation on Windows Logs Zero 2 Hero.
  ☆21Updated 6 years ago
• dougiep16 / actortrackr
  Home to the ActorTrackr source code
  ☆24Updated 7 years ago
• bandrel / OCyara
  Performs OCR on image files and scans them for matches to YARA rules
  ☆39Updated 5 years ago
• truekonrads / kpulp
  Konrads' Pen-Ultimate (Windows) Log File Parser
  ☆13Updated 2 years ago
• fl0x2208 / ThreatHunting
  An informational repo about hunting for adversaries in your IT environment.
  ☆13Updated 7 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• jblukach / FileBlock.Info
  ☆11Updated this week
• sfakiana / FIRST-CTI-2019
  References for FIRST CTI 2019 Symposium presentation
  ☆23Updated 5 years ago
• devgc / EventMonkey
  A Windows Event Processing Utility
  ☆46Updated 6 years ago
• caschnee / misp-use-cases
  ☆14Updated 6 years ago
• DCSO / MISP-dockerized
  ☆33Updated 4 years ago
• dfirence / demos
  ☆16Updated this week
• MotiBa / Invoke-Adversary
  ☆35Updated this week
• fireeye / brocapi
  Bro PCAP Processing and Tagging API
  ☆27Updated 6 years ago
• deependresearch / hoard
  Historical Observations of Actionable Reputation Data
  ☆13Updated 6 years ago
• Concinnity-Risks / LogisticalBudget
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Updated 5 years ago
• endgameinc / SANS_THIR16
  SANS Hunting on the Cheap
  ☆35Updated 8 years ago
• Neo23x0 / exotron
  Sandbox feature upgrade with the help of wrapped samples
  ☆75Updated 6 years ago
• wolfpack1 / intel_collection_tools
  ☆21Updated 6 years ago
• jaegeral / osint-timelines
  Providing timelines based on OSINT Reports
  ☆32Updated last year
• IllusiveNetworks-Labs / HistoricProcessTree
  An Incident Response tool that visualizes historic process execution evidence (based on Event ID 4688 - Process Creation Event) in a tree…
  ☆59Updated 6 years ago
• 1aN0rmus / TekDefense
  Open Development projects for TekDefense
  ☆77Updated 7 years ago
• avuko / randori
  Randori: Like Aiki. With a couple of Dans under its belt.
  ☆14Updated 6 years ago
• adulau / threat-intelligence.eu
  threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…
  ☆48Updated 2 years ago
• micrictor / smbfp
  Zeek package to generate a SMB client fingerprint
  ☆26Updated 4 years ago