GitHub topics: cyber-threat-intelligence

Repositories

intelowlproject/IntelOwl

IntelOwl: manage your Threat Intelligence at scale

Language: Python - Size: 145 MB - Last synced at: about 2 hours ago - Pushed at: about 20 hours ago - Stars: 4,146 - Forks: 489

MrM8BRH/Defensive-Security-Hub

A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.

Size: 43 KB - Last synced at: about 9 hours ago - Pushed at: about 10 hours ago - Stars: 0 - Forks: 0

TheHive-Project/Cortex-Analyzers

Cortex Analyzers Repository

Language: Python - Size: 199 MB - Last synced at: about 14 hours ago - Pushed at: about 15 hours ago - Stars: 461 - Forks: 387

ciioprof0/cti-publicus

Cyber threat intelligence derived from publicly available information using open‐source intelligence collection methods

Size: 9.77 KB - Last synced at: about 20 hours ago - Pushed at: about 20 hours ago - Stars: 0 - Forks: 0

EndlessFractal/Threat-Intel-Feed

Automated threat intel feed parsing and consolidation💻👾🤖

Language: Python - Size: 7.54 MB - Last synced at: about 21 hours ago - Pushed at: about 22 hours ago - Stars: 27 - Forks: 8

In Greek mythology, Hermes was the messenger of the gods, a patron of travelers, and a protector of merchants, orators, and even thieves. In the cyber world, our Hermes channels that spirit—delivering SaaS scholarly, hackcidents, intel, news, and exploit (SHINE) updates straight to you with no nonsense.

Language: JavaScript - Size: 39.3 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 0 - Forks: 0

duggytuxy/Intelligence_IPv4_Blocklist

Intelligence Blocklist (IPv4). DST = France & Belgium

Size: 15 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 268 - Forks: 34

TheHive-Project/Cortex

Cortex: a Powerful Observable Analysis and Active Response Engine

Language: Scala - Size: 4.76 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 1,432 - Forks: 243

S-L1/ti_scraper

Highly configurable scripts for a web scraper intended to be used for cyber threat intelligence

Language: Python - Size: 2.2 MB - Last synced at: about 14 hours ago - Pushed at: 3 days ago - Stars: 7 - Forks: 1

intelowlproject/GreedyBear

Threat Intel Platform for T-POTs

Language: Python - Size: 2.58 MB - Last synced at: 3 days ago - Pushed at: 8 days ago - Stars: 150 - Forks: 38

Rizzy1857/ArteFact

an open-source digital forensics toolkit

Language: Python - Size: 1.4 MB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 2 - Forks: 1

center-for-threat-informed-defense/attack-powered-suit

ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.

Language: JavaScript - Size: 7.23 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 78 - Forks: 12

LeoMartinezTAMUK/IRIS

Intelligent Real-Time Intrusion Detection System (IRIS) is a deep learning-based framework for real-time network intrusion detection. This project addresses the challenges of detecting malicious traffic in a simulated real-time system by leveraging a Deep Neural Network (DNN) for dimensionality reduction and efficient binary classification.

Language: Python - Size: 6.59 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

SEKOIA-IO/documentation

SEKOIA.IO Documentation - The Intelligence-Driven SaaS SIEM

Language: JavaScript - Size: 672 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 46 - Forks: 63

mitre-attack/attack-website

MITRE ATT&CK Website

Language: HTML - Size: 2.25 GB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 532 - Forks: 152

simplefastfunnels254/tg-cybersec

Telegram cybersecurity channels

Language: JavaScript - Size: 79.1 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1 - Forks: 0

mthcht/ThreatIntel-Reports

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports

Language: Python - Size: 2.07 GB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 118 - Forks: 11

RiadhBenlamine/Apache-logger

Apache log analyzer, lightweight log parser for cybersecurity analyst.

Language: Python - Size: 15.6 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

ZishanAdThandar/hackify

A single script to install important Pentesting Tools and wordlists on Debian based Linux OS.

Language: Shell - Size: 2.8 MB - Last synced at: 6 days ago - Pushed at: 7 days ago - Stars: 20 - Forks: 2

aw-junaid/Hacking-Tools

This Repository is a collection of different ethical hacking tools and malware's for penetration testing and research purpose written in python, ruby, rust, c++, go and c.

Language: C - Size: 2.14 GB - Last synced at: 6 days ago - Pushed at: 2 months ago - Stars: 560 - Forks: 160

substationworm/IndCyberSecLetters

Collection of studies and analyses of incidents in the field of industrial cybersecurity.

Size: 130 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 3 - Forks: 0

stanfrbd/cyberbro

A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.

Language: HTML - Size: 1.4 MB - Last synced at: 7 days ago - Pushed at: 8 days ago - Stars: 406 - Forks: 31

muchdogesec/txt2stix

Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.

Language: Python - Size: 1.03 MB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 57 - Forks: 5

mzainxo/ICADS-android-app

This is an android app of the Intelligent Cyber Attacks Detection System (ICADS)which uses Machine Learning (anomaly-based) techniques to detect sophisticated DDoS attacks and generate alerts on Suricata IDS, web and mobile apps.

Language: Java - Size: 772 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 0 - Forks: 0

center-for-threat-informed-defense/adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

Language: C - Size: 626 MB - Last synced at: 8 days ago - Pushed at: 9 days ago - Stars: 1,903 - Forks: 334

center-for-threat-informed-defense/m3tid

The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activities associated with its practice.

Language: Makefile - Size: 5.68 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 16 - Forks: 3

center-for-threat-informed-defense/threat-modeling-with-attack

Threat Modeling with ATT&CK defines how to integreate MITRE ATT&CK® into your organization’s existing threat modeling methodology.

Language: Makefile - Size: 22.9 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 7 - Forks: 3

center-for-threat-informed-defense/sightings_ecosystem

Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE ATT&CK® techniques observed to give defenders real data on technique prevalence.

Language: Python - Size: 19.2 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 34 - Forks: 7

center-for-threat-informed-defense/insider-threat-ttp-kb

The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.

Language: Python - Size: 14.8 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 144 - Forks: 19

center-for-threat-informed-defense/top-attack-techniques

Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques to focus on first.

Language: Vue - Size: 8.65 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 118 - Forks: 21

center-for-threat-informed-defense/attack-flow

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.

Language: TypeScript - Size: 43.9 MB - Last synced at: 8 days ago - Pushed at: 28 days ago - Stars: 647 - Forks: 101

spmedia/PhishingSecLists

To be used with tools like GoBuster & DirBuster but these lists are specifically tailored and designed for scanning phishing <>< landing pages and other malicious or sketch af financial/crypto fraud websites.

Size: 793 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 48 - Forks: 6

mitre-attack/mitreattack-python

A python module for working with ATT&CK

Language: Python - Size: 8.82 MB - Last synced at: 9 days ago - Pushed at: 30 days ago - Stars: 550 - Forks: 132

weisshorn-cyd/gocti

Unofficial OpenCTI Golang Client

Language: Go - Size: 1.11 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 7 - Forks: 0

BlackSnufkin/OdinEye

Create a private Discord CTI "Dashboard" using various Discord bots It,'s a simple and effective way to stay informed and up-to-date on the latest developments and news in Offensive Security World

Size: 80.1 KB - Last synced at: 8 days ago - Pushed at: over 2 years ago - Stars: 15 - Forks: 3

mzainxo/ICADS

Intelligent Cyber Attacks Detection System (ICADS) uses Machine Learning (anomaly-based) techniques to detect sophisticated DDoS attacks and generate alerts on Suricata IDS.

Language: Python - Size: 373 KB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 0 - Forks: 0

center-for-threat-informed-defense/cti-blueprints

CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.

Language: TypeScript - Size: 27.3 MB - Last synced at: 13 days ago - Pushed at: 3 months ago - Stars: 249 - Forks: 32

mitre-attack/car

Cyber Analytics Repository

Language: Python - Size: 1.97 MB - Last synced at: 14 days ago - Pushed at: 21 days ago - Stars: 939 - Forks: 342

Offensive-Panda/DefenseEvasionTechniques

This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those dedicated to improving their skills in malware development, malware research, offensive security, security defenses and measures.

Language: C++ - Size: 342 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 117 - Forks: 16

oasis-open/cti-python-stix2

OASIS TC Open Repository: Python APIs for STIX 2

Language: Python - Size: 4.49 MB - Last synced at: 9 days ago - Pushed at: about 1 month ago - Stars: 384 - Forks: 123

oasis-open/cti-stix-validator

OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices

Language: Python - Size: 1.29 MB - Last synced at: 14 days ago - Pushed at: 3 months ago - Stars: 52 - Forks: 41

mitre-attack/attack-navigator

Web app that provides basic navigation and annotation of ATT&CK matrices

Language: TypeScript - Size: 45.5 MB - Last synced at: 16 days ago - Pushed at: about 1 month ago - Stars: 2,141 - Forks: 625

mitre-attack/attack-stix-data

STIX data representing MITRE ATT&CK

Language: Python - Size: 107 MB - Last synced at: 14 days ago - Pushed at: about 1 month ago - Stars: 402 - Forks: 94

MrX0955/SecurityNexus

📌 🛡️ SecurityNexus: An advanced cybersecurity toolkit offering professional-grade security analysis through integrated modules for DNS analysis, network scanning, threat intelligence, OSINT, anomaly detection, and blockchain security. Built on Python, powered by machine learning, and equipped with a multilingual user interface.

Language: Python - Size: 404 KB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 1 - Forks: 0

prakhar0x01/Xpose

Xpose is a powerful software solution for performing advanced deanonymization techniques, designed to trace the operators behind illegal dark web sites. The system includes both a web app and CLI (Command Line Interface) to offer flexibility and reliability.

Language: Python - Size: 10.8 MB - Last synced at: 6 days ago - Pushed at: 4 months ago - Stars: 1 - Forks: 0

mytechnotalent/Hacking-Windows

A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.

Language: C - Size: 238 MB - Last synced at: 17 days ago - Pushed at: almost 3 years ago - Stars: 1,431 - Forks: 135

center-for-threat-informed-defense/tram

TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.

Language: Jupyter Notebook - Size: 50.6 MB - Last synced at: 15 days ago - Pushed at: about 1 month ago - Stars: 492 - Forks: 96

oasis-open/cti-taxii-client

OASIS TC Open Repository: TAXII 2 Client Library Written in Python

Language: Python - Size: 318 KB - Last synced at: 13 days ago - Pushed at: about 1 year ago - Stars: 115 - Forks: 55

oasis-open/cti-stix-visualization

OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships

Language: JavaScript - Size: 1.64 MB - Last synced at: 13 days ago - Pushed at: about 1 month ago - Stars: 151 - Forks: 43

arachne-threat-intel/spindle

Tracking information about cyber threat actors

Language: Python - Size: 271 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 3 - Forks: 0

SUmidcyber/Malware-Analysis-Reports

Dive into detailed technical analysis of critical vulnerabilities and malware. Stay informed, contribute, and help us improve cybersecurity together.

Size: 821 KB - Last synced at: 27 days ago - Pushed at: 27 days ago - Stars: 3 - Forks: 2

duggytuxy/Intelligence_DNS_Blocklist

Intelligence DNS Blocklist : Phishing, Scam, Malicious DN, Malware Delivery

Size: 116 MB - Last synced at: 28 days ago - Pushed at: 28 days ago - Stars: 30 - Forks: 4

cedricg-mirror/cedricg-mirror.github.io

Static and Dynamic Analysis of Malicious Codes

Language: CSS - Size: 6.23 MB - Last synced at: 29 days ago - Pushed at: 30 days ago - Stars: 2 - Forks: 0

eclecticiq/OpenTAXII

TAXII server implementation in Python from EclecticIQ

Language: Python - Size: 1.44 MB - Last synced at: 18 days ago - Pushed at: about 1 year ago - Stars: 197 - Forks: 98

mehrazino/tg-cybersec

Telegram cybersecurity channels.

Language: JavaScript - Size: 261 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 5 - Forks: 1

oasis-open/cti-stix2-json-schemas

OASIS TC Open Repository: Non-normative schemas and examples for STIX 2

Language: ANTLR - Size: 507 KB - Last synced at: 1 day ago - Pushed at: 7 months ago - Stars: 125 - Forks: 60

SUmidcyber/PortPatrol

PortPatrol is a comprehensive network management and security tool designed to analyze network traffic and enhance server security by managing and closing unused ports. This tool is particularly useful for administrators who need to ensure that only necessary ports are open on their servers, thereby reducing potential security vulnerabilities.

Language: Go - Size: 11.7 KB - Last synced at: about 1 month ago - Pushed at: 10 months ago - Stars: 3 - Forks: 2

mxm0z/awesome-intelligence-writing

Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc

Size: 34.5 MB - Last synced at: about 1 month ago - Pushed at: 10 months ago - Stars: 545 - Forks: 61

j4ckrisz/Hackzzz

This is a Gitbook where I share the notes I take during Research and CTF's.

Size: 55.6 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0

thekshitiz/Kshitiz-Cybersecurity-Portfolio

A collection of my cybersecurity projects, showcasing skills in network security, penetration testing, cryptography, vulnerability assessments, and incident response. This repository highlights practical applications, tools, and techniques for securing systems and mitigating risks.

Size: 96.7 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

arachne-threat-intel/tracery Fork of searx/searx

Privacy-respecting metasearch engine

Language: Python - Size: 15.8 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 5 - Forks: 0

arachne-threat-intel/thread Fork of mitre-attack/tram

Thread is a tool for analysts to map finished reports and articles to MITRE ATT&CK®.

Language: Python - Size: 20.2 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 5 - Forks: 4

cybersheepdog/Analyst-Tool

Analyst Tool to automate some of an analyst's daily investigation tasks. In both python script and Jupyter Notebook format.

Language: Python - Size: 377 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 13 - Forks: 2

secutils-dev/secutils

Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers

Language: Rust - Size: 55.3 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 72 - Forks: 3

ail-project/ail-feeder-leak

AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically

Language: Python - Size: 104 KB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 9 - Forks: 4

Cybersight-Security/URL-Analysis-Tool

Python-based tool for analyzing URLs and detecting potential threats using various cybersecurity services.

Language: Python - Size: 134 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 4 - Forks: 1

AbstractionsLab/satrap-dl

SATRAP-DL (Semi-Automated Threat Reconnaissance and Analysis Powered by Description Logics) aims at the development of a platform for interactive computer-aided analysis of cyber threat intelligence driven by logic-based automated reasoning and inference.

Language: Python - Size: 5.01 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

oasis-open/cti-documentation

OASIS TC Open Repository: GitHub Pages site for STIX and TAXII

Language: SCSS - Size: 12.4 MB - Last synced at: 13 days ago - Pushed at: about 1 month ago - Stars: 97 - Forks: 28

mitre/cti

Cyber Threat Intelligence Repository expressed in STIX 2.0

Size: 276 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1,838 - Forks: 427

Cybersight-Security/Malware-Samples

This repository contains 130 malware and ransomware samples for research and analysis purposes.

Size: 492 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 25 - Forks: 5

SylvesterDuah/The_Guardian_of_AI_Alignment

This project is about AI Alignment where I is source data from history of AI incidents occurred and learn about it to provide a solution to mitigate any future occurrences again

Language: Python - Size: 296 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

osV22/ATTACK-Force-Graph

Generate JSON force-directed/ node graph data from MITRE's ATTACK framework and visualize it interactively

Language: HTML - Size: 4.99 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 22 - Forks: 7

center-for-threat-informed-defense/technique-inference-engine

TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.

Language: Jupyter Notebook - Size: 12.6 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 49 - Forks: 6

CyberAlbSecOP/Awesome_Free_Online_SOC_And_Pentest_Tools

A curated collection of free or freemium web-based penetration testing and vulnerability analysis tools. These tools assist security professionals and enthusiasts in discovering, assessing, and managing vulnerabilities online, without the need for local installations. Contributions are welcome!

Size: 50.8 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 31 - Forks: 5