Top 23 threat-intelligence Open-Source Projects
-
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
-
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
-
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
-
Malware-Exhibit
🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.
-
Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
-
Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
-
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
-
opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
Project mention: A recent abrupt change in Internet SSH brute force attacks against us | news.ycombinator.com | 2024-02-24
Project mention: How do you stay on top of new vulnerabilities or CVEs? | /r/cybersecurity | 2023-12-07
How did you find which channels and groups to join? From sources like https://github.com/fastfire/deepdarkCTI ?
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01
> It doesn't matter.
To understand the exact behavior and extent of the backdoor, this does matter. An end-to-end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been known since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able, as a customer or pen tester, to rule out a certain class of security issues without having the source/insights available is usually desirable.
If you're looking to learn on your own, try mikeroyal's digital forensics guide on GitHub. There are a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
A different solution that runs locally is opensquat.
https://github.com/atenreiro/opensquat
threat-intelligence discussion
threat-intelligence related posts
-
Teler: Real-Time HTTP Intrusion Detection
-
How do you stay on top of new vulnerabilities or CVEs?
-
Have I Been Squatted?
-
OpenSquat
-
How to integrate openCTI with Splunk?
-
Lists
-
GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform
-
Index
What are some of the best open-source threat-intelligence projects? This list will help you:
Rank | Project | Stars |
---|---|---|
1 | spiderfoot | 11,959 |
2 | awesome-malware-analysis | 11,250 |
3 | MISP | 5,053 |
4 | opencti | 4,847 |
5 | dnstwist | 4,632 |
6 | awesome-devsecops | 4,459 |
7 | deepdarkCTI | 3,975 |
8 | IntelOwl | 3,167 |
9 | signature-base | 2,361 |
10 | Digital-Forensics-Guide | 1,474 |
11 | SysmonTools | 1,455 |
12 | mitaka | 1,342 |
13 | harpoon | 1,143 |
14 | ThePhish | 1,046 |
15 | Malware-Exhibit | 929 |
16 | Ukraine-Cyber-Operations | 910 |
17 | mihari | 832 |
18 | Watcher | 807 |
19 | CyberThreatHunting | 799 |
20 | ThreatIngestor | 797 |
21 | sysmon-config | 756 |
22 | opensquat | 657 |
23 | PatrowlManager | 612 |