GitHub topics: misp

Repositories

OpenCTI-Platform/connectors

OpenCTI Connectors

Language: Python - Size: 34 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 436 - Forks: 470

MISP/misp-galaxy

Clusters and elements to attach to MISP events or attributes (like threat actors)

Language: Python - Size: 41.7 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 558 - Forks: 273

MISP/misp-modules

Modules for expansion services, enrichment, import and export in MISP and other tools.

Language: Python - Size: 14.1 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 353 - Forks: 238

TheHive-Project/TheHive

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Language: Scala - Size: 41.2 MB - Last synced at: 5 days ago - Pushed at: over 2 years ago - Stars: 3,650 - Forks: 649

MISP/misp-book

User guide of MISP

Language: Shell - Size: 19.9 MB - Last synced at: 4 days ago - Pushed at: 4 months ago - Stars: 267 - Forks: 105

MISP/misp-warninglists

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Language: Python - Size: 362 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 570 - Forks: 179

MISP/MISP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Language: PHP - Size: 154 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 5,668 - Forks: 1,452

Bert-JanP/Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Language: Python - Size: 965 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 1,434 - Forks: 265

MISP/misp-stix

MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats

Language: Python - Size: 7.6 MB - Last synced at: 4 days ago - Pushed at: 12 days ago - Stars: 53 - Forks: 22

eset/malware-ioc

Indicators of Compromises (IOC) of our various investigations

Language: YARA - Size: 1.82 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 1,762 - Forks: 267

MISP/misp-playbooks

MISP Playbooks

Language: Jupyter Notebook - Size: 16.8 MB - Last synced at: 4 days ago - Pushed at: 3 months ago - Stars: 199 - Forks: 26

MISP/PyMISP

Python library using the MISP Rest API

Language: Python - Size: 8.59 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 461 - Forks: 284

MISP/misp-objects

Definition, description and relationship types of MISP objects

Language: Python - Size: 1.84 MB - Last synced at: 4 days ago - Pushed at: 26 days ago - Stars: 97 - Forks: 126

V1D1AN/S1EM

This project is a SIEM with SIRP and Threat Intel, all in one.

Language: Shell - Size: 10.7 MB - Last synced at: 12 days ago - Pushed at: 6 months ago - Stars: 434 - Forks: 84

JiscCTI/misp-docker

Project to build a set of three docker images containing the components of MISP with self-configuration into a usable state from first start.

Language: Shell - Size: 686 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 4 - Forks: 4

InQuest/ThreatIngestor

Extract and aggregate threat intelligence.

Language: Python - Size: 1.65 MB - Last synced at: 21 days ago - Pushed at: over 1 year ago - Stars: 859 - Forks: 137

cudeso/misp-reporting

A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and target sector and country.

Language: HTML - Size: 2.78 MB - Last synced at: 23 days ago - Pushed at: 23 days ago - Stars: 5 - Forks: 0

MISP/misp-wireshark

Lua plugin to extract data from Wireshark and convert it into MISP format

Language: Lua - Size: 1.74 MB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 48 - Forks: 6

thalesgroup-cert/Watcher

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Language: Python - Size: 16.4 MB - Last synced at: 23 days ago - Pushed at: 25 days ago - Stars: 907 - Forks: 132

Bert-JanP/Open-Source-Threat-Intel-Feeds

This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

Language: Python - Size: 94.7 KB - Last synced at: 27 days ago - Pushed at: 3 months ago - Stars: 660 - Forks: 67

ilyaglow/dockerfiles

🌊 Dockerfiles for apps I use. Also take a look at https://github.com/security-dockerfiles

Language: Dockerfile - Size: 93.8 KB - Last synced at: 2 days ago - Pushed at: over 4 years ago - Stars: 23 - Forks: 8

MISP/intelligence-icons

intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.

Language: JavaScript - Size: 27.9 MB - Last synced at: 4 days ago - Pushed at: about 6 years ago - Stars: 40 - Forks: 8

cerebrate-project/cerebrate

Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.

Language: PHP - Size: 12.4 MB - Last synced at: 26 days ago - Pushed at: about 1 month ago - Stars: 87 - Forks: 19

emalderson/ThePhish

ThePhish: an automated phishing email analysis tool

Language: Python - Size: 4.45 MB - Last synced at: about 1 month ago - Pushed at: 9 months ago - Stars: 1,205 - Forks: 181

MISP/MISP-STIX-Converter

A utility repo to assist with converting between MISP and STIX formats

Language: Python - Size: 2.06 MB - Last synced at: 4 days ago - Pushed at: over 4 years ago - Stars: 68 - Forks: 30

cloudtracer/ThreatPinchLookup

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Language: HTML - Size: 12 MB - Last synced at: about 1 month ago - Pushed at: over 6 years ago - Stars: 370 - Forks: 80

0xThiebaut/sigmai

Import specific data sources into the Sigma generic and open signature format.

Language: Go - Size: 48.8 KB - Last synced at: 3 days ago - Pushed at: about 3 years ago - Stars: 78 - Forks: 5

MISP/MISP-maltego

Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

Language: Python - Size: 4.67 MB - Last synced at: about 1 month ago - Pushed at: 11 months ago - Stars: 174 - Forks: 43

MISP/misp-grafana

A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB

Language: Python - Size: 683 KB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 18 - Forks: 6

MISP/misp-dashboard

A live dashboard for a real-time overview of threat intelligence from MISP instances

Language: JavaScript - Size: 5.09 MB - Last synced at: 4 days ago - Pushed at: almost 2 years ago - Stars: 202 - Forks: 63

MISP/misp-compliance

Legal, procedural and policies document templates for operating MISP and information sharing communities

Size: 1.59 MB - Last synced at: 4 days ago - Pushed at: over 2 years ago - Stars: 38 - Forks: 17

aymenmarjan/MISP-Wazuh-Integration

A comprehensive integration solution connecting MISP threat intelligence with Wazuh security monitoring for real-time threat detection. This project provides step-by-step instructions for deploying, configuring, and integrating MISP and Wazuh with Sysmon to automatically detect indicators of compromise (IoCs) in your environment.

Size: 3.54 MB - Last synced at: 29 days ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

CERT-LT/MISP-taxonomy

Kibernetinių incidentų taksonomija

Size: 10.7 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

typosquatter/ail-typo-website

Website for ail-typo-squatting library

Language: JavaScript - Size: 3.83 MB - Last synced at: about 1 month ago - Pushed at: 12 months ago - Stars: 58 - Forks: 4

hazcod/mispsent

A tool that exports MISP threat intelligence attributes to Microsoft Sentinel SIEM.

Language: Go - Size: 57.6 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

thalesgroup-cert/vt_tool

Retrieves analysis information for a set of iocs (IP/Hash/URL/Domain) from VirusTotal API.

Language: Python - Size: 842 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

eCrimeLabs/cratos-fastapi

The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such as SIEM, DNS, Proxies, Firewalls, EDR, NDR and other that can consume a file with indicators.

Language: Python - Size: 3.85 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 13 - Forks: 3

MISP/x_old_misp_docker

MISP Docker (XME edition)

Language: Shell - Size: 193 KB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 282 - Forks: 161

tenzir/threatbus 📦

🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

Language: Python - Size: 889 KB - Last synced at: 18 days ago - Pushed at: about 2 years ago - Stars: 261 - Forks: 16

cedricbonhomme/pyHIDS

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

Language: Python - Size: 758 KB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 58 - Forks: 15

voxpupuli/puppet-misp

This module installs and configures MISP (Malware Information Sharing Platform)

Language: HTML - Size: 394 KB - Last synced at: 5 days ago - Pushed at: about 2 months ago - Stars: 13 - Forks: 13

neolea/neolea-training-materials

Open source training materials for law-enforcement and organisations interested in DFIR.

Language: TeX - Size: 84 MB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 55 - Forks: 4

MISP/misp-airgap

Scripts to deploy and update MISP in air-gapped environments

Language: Shell - Size: 308 KB - Last synced at: 4 days ago - Pushed at: 2 months ago - Stars: 17 - Forks: 1

CrowdStrike/MISP-tools

Import CrowdStrike Threat Intelligence into your instance of MISP

Language: Python - Size: 7.34 MB - Last synced at: about 2 months ago - Pushed at: 2 months ago - Stars: 44 - Forks: 11

gbikram/CTI-Automation-Platform

An automated Cyber Threat Intelligence (CTI) apparatus, implemented via a suite of Free & Open-source Software (FOSS)

Language: Python - Size: 94 MB - Last synced at: about 2 months ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 2

MISP/threat-actor-intelligence-server

A simple ReST server to lookup threat actors (by name, synonym or UUID) and returning the corresponding MISP galaxy information about the known threat actors.

Language: Python - Size: 605 KB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 48 - Forks: 12

elvidence/MISP

Enhancing MISP (Malware Information Sharing Platform & Threat Sharing)

Language: Python - Size: 93.8 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 2 - Forks: 0

CERN-CERT/pDNSSOC

Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.

Language: Shell - Size: 15.7 MB - Last synced at: 9 days ago - Pushed at: 4 months ago - Stars: 51 - Forks: 6

MISP/MISP-Taxii-Server

An OpenTAXII Configuration for MISP

Language: Python - Size: 160 KB - Last synced at: 4 days ago - Pushed at: over 2 years ago - Stars: 81 - Forks: 30

MISP/misp-guard

misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based on a set of customizable block rules.

Language: Python - Size: 153 KB - Last synced at: 4 days ago - Pushed at: 3 months ago - Stars: 14 - Forks: 3

jonrau1/SyntheticSun

SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Language: Python - Size: 58 MB - Last synced at: about 1 month ago - Pushed at: almost 4 years ago - Stars: 77 - Forks: 16

ag-michael/EmailScanner

EmailScanner is an integration application in python that uses `exchangelib` to process mail items in Microsoft exchange.

Language: Python - Size: 484 KB - Last synced at: about 1 month ago - Pushed at: about 6 years ago - Stars: 13 - Forks: 4

hazcod/MISP2Sentinel

A Python integration that fetches Threat Intelligence from MISP and publishes it to Microsoft Sentinel SIEM.

Language: Python - Size: 93.8 KB - Last synced at: 22 days ago - Pushed at: over 1 year ago - Stars: 7 - Forks: 0

MISP/misp-cloud

misp-cloud - Cloud-ready images of MISP

Language: Shell - Size: 462 KB - Last synced at: 4 days ago - Pushed at: over 2 years ago - Stars: 72 - Forks: 16

adulau/misp-osint-collection

Collection of best practices to add OSINT into MISP and/or MISP communities

Language: HTML - Size: 20.2 MB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 66 - Forks: 18

MISP/misp-rfc

Specifications used in the MISP project including MISP core format

Language: HTML - Size: 894 KB - Last synced at: 4 days ago - Pushed at: 4 months ago - Stars: 51 - Forks: 18

DCSO/MISP-Splunk-SA 📦

Splunk Supporting Add-on for MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform) https://www.misp-project.org/

Size: 1.95 KB - Last synced at: about 2 months ago - Pushed at: about 6 years ago - Stars: 0 - Forks: 0

DCSO/MISP-Splunk-TA 📦

Splunk Technical Add-on for MISP MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formely known as Malware Information Sharing Platform) https://www.misp-project.org/

Size: 1.95 KB - Last synced at: about 2 months ago - Pushed at: about 6 years ago - Stars: 0 - Forks: 0

DCSO/MISP-dockerized-testbench 📦

Testbench Framework for MISP Application

Language: Python - Size: 480 KB - Last synced at: about 2 months ago - Pushed at: over 5 years ago - Stars: 0 - Forks: 1

DCSO/MISP-dockerized-misp-modules 📦

https://github.com/DCSO/MISP-dockerized

Language: Dockerfile - Size: 37.1 KB - Last synced at: about 2 months ago - Pushed at: about 5 years ago - Stars: 0 - Forks: 2

DCSO/MISP-dockerized-server 📦

Language: Shell - Size: 270 KB - Last synced at: 2 months ago - Pushed at: almost 2 years ago - Stars: 4 - Forks: 7

ninoseki/iocingestor

An extendable tool to extract and aggregate IoCs from threat feeds

Language: Python - Size: 314 KB - Last synced at: 26 days ago - Pushed at: over 1 year ago - Stars: 33 - Forks: 5

MISP/misp-vagrant

Deploy MISP Project software with Vagrant.

Language: Shell - Size: 75.2 KB - Last synced at: 4 days ago - Pushed at: almost 5 years ago - Stars: 43 - Forks: 16

phrp720/soc-toolkit

Open Source S.O.C.

Language: Shell - Size: 4.7 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

MISP/PyMISPGalaxies

Pythonic way to work with the galaxies defined there: https://github.com/MISP/misp-galaxy

Language: Python - Size: 802 KB - Last synced at: 4 days ago - Pushed at: 6 months ago - Stars: 19 - Forks: 11

TheHive-Project/TheHiveDocs 📦

Documentation of TheHive

Size: 29.8 MB - Last synced at: 4 months ago - Pushed at: over 1 year ago - Stars: 393 - Forks: 280

MISP/mail_to_misp

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Language: Python - Size: 871 KB - Last synced at: 4 days ago - Pushed at: over 1 year ago - Stars: 69 - Forks: 25

coolacid/docker-misp

A (nearly) production ready Dockered MISP

Language: Shell - Size: 163 KB - Last synced at: 6 months ago - Pushed at: over 1 year ago - Stars: 230 - Forks: 94

3c7/aptmap

A map displaying threat actors from the misp-galaxy

Language: TypeScript - Size: 1.08 MB - Last synced at: 6 months ago - Pushed at: over 2 years ago - Stars: 32 - Forks: 6

CERT-Bund/yara-exporter 📦

Exporting MISP event attributes to yara rules usable with Thor apt scanner

Language: Python - Size: 14.6 KB - Last synced at: 6 months ago - Pushed at: about 8 years ago - Stars: 24 - Forks: 9

Related Keywords

misp 192 threat-intelligence 63 cybersecurity 27 misp-api 22 threatintel 21 ioc 20 security 19 threat-sharing 18 threat-hunting 18 cti 14 docker 14 thehive 14 dfir 14 python 13 incident-response 12 malware 11 cortex 11 information-sharing 10 information-exchange 9 security-tools 9 osint 9 intelligence 9 pymisp 9 cyber-threat-intelligence 7 yara 7 malware-analysis 6 elasticsearch 6 siem 6 stix 6 information-security 5 docker-compose 5 docker-image 5 threat-intel 5 automation 5 opencti 5 phishing 5 thehive-project 5 splunk 5 virustotal 5 stix2 4 cyberthreatintelligence 4 cyber-security 4 threat-intelligence-platform 4 misp-modules 4 ecrimelabs 4 misp-docker 4 api 4 indicators-of-compromise 4 soar 4 dockerfile 4 script 3 security-automation 3 kaspersky 3 cerebrate-project 3 data-feeds 3 threat-detection 3 kibana 3 logstash 3 aws 3 suricata 3 zeek 3 privacy 3 mcafee 3 cert 3 threatintelligence 3 dashboard 3 monitoring 3 python3 3 misp-format 3 taxonomy 3 threat 3 golang 3 blueteam 3 mitre-attack 3 open-source 3 free 3 misp-galaxy 3 infosec 3 digital-forensics 3 iocs 3 incident-management 3 threat-analysis 3 enrichment 3 sentinel 3 abuseipdb-api 2 vagrant 2 passivetotal 2 compiler 2 cerebrate 2 analysis 2 jupyter-notebook 2 virtual-machine 2 elk-stack 2 webapp 2 watcher 2 security-incidents 2 intelmq 2 documentation 2 incident-response-tooling 2 ids 2