Your Everyday Threat Intelligence
-
Updated
Jul 16, 2024 - Python
Your Everyday Threat Intelligence
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Python library using the MISP Rest API
Malicious IP source.
Specifications used in the MISP project including MISP core format
An SSH honeypot written entirely in Go.
Defund the Police.
TAXII server implementation in Python from EclecticIQ
Extract and aggregate threat intelligence.
A (nearly) production ready Dockered MISP
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Defanged Indicator of Compromise (IOC) Extractor.
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
threatnote | Cyber Threat Intelligence Notebook
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
Collection of best practices to add OSINT into MISP and/or MISP communities
Python bindings for Yeti's API
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Add a description, image, and links to the threat-sharing topic page so that developers can more easily learn about it.
To associate your repository with the threat-sharing topic, visit your repo's landing page and select "manage topics."