
csirtgadgets / csirtg-smrt-v1

Licence: MPL-2.0
the fastest way to consume threat intelligence.

Programming Languages

python
139335 projects - #7 most used programming language
Makefile
30231 projects
Batchfile
5799 projects

Projects that are alternatives of or similar to csirtg-smrt-v1

Misp
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+12807.41%)
Mutual labels:  threat-hunting, threat-sharing, threatintel
ThreatIntelligence
Tracking APT IOCs
Stars: ✭ 23 (-14.81%)
Mutual labels:  threat-hunting, threat-sharing, threatintel
pyeti
Python bindings for Yeti's API
Stars: ✭ 15 (-44.44%)
Mutual labels:  threat-hunting, threat-sharing, threatintel
Sysmon Config
Sysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+12074.07%)
Mutual labels:  threat-hunting, threatintel
pybinaryedge
Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/
Stars: ✭ 16 (-40.74%)
Mutual labels:  threat-hunting, threatintel
Stalkphish
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+848.15%)
Mutual labels:  threat-hunting, threatintel
Threatingestor
Extract and aggregate threat intelligence.
Stars: ✭ 439 (+1525.93%)
Mutual labels:  threat-hunting, threatintel
Sysmontools
Utilities for Sysmon
Stars: ✭ 903 (+3244.44%)
Mutual labels:  threat-hunting, threatintel
mail to misp
Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (+125.93%)
Mutual labels:  threat-hunting, threatintel
Patrowlhears
PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (+229.63%)
Mutual labels:  threat-hunting, threatintel
Malware Feed
Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (+155.56%)
Mutual labels:  threat-hunting, threatintel
Threatbus
🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (+414.81%)
Mutual labels:  threat-hunting, threatintel
OSINT-Brazuca
Repository created with the aim of gathering information, sources (websites/portals) and OSINT tricks within the Brazilian context.
Stars: ✭ 508 (+1781.48%)
Mutual labels:  threat-hunting, threatintel
IronNetTR
Threat research and reporting from IronNet's Threat Research Teams
Stars: ✭ 36 (+33.33%)
Mutual labels:  threat-hunting, threatintel
Threatpinchlookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Stars: ✭ 257 (+851.85%)
Mutual labels:  threat-hunting, threatintel
YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-18.52%)
Mutual labels:  threat-hunting, threatintel
Bearded Avenger
CIF v3 -- the fastest way to consume threat intelligence
Stars: ✭ 152 (+462.96%)
Mutual labels:  threat-hunting, threatintel
censys-recon-ng
recon-ng modules for Censys
Stars: ✭ 29 (+7.41%)
Mutual labels:  threat-hunting, threatintel
sqhunter
A simple threat hunting tool based on osquery, Salt Open and Cymon API
Stars: ✭ 64 (+137.04%)
Mutual labels:  threat-hunting, threatintel
Yeti
Your Everyday Threat Intelligence
Stars: ✭ 1,037 (+3740.74%)
Mutual labels:  threat-hunting, threatintel

Getting Started

Parse data using simple YAML and throw it just about anywhere.

$ [sudo] pip install csirtg-smrt
$ curl https://raw.githubusercontent.com/csirtgadgets/csirtg-smrt-py/master/examples/csirtg.yml > csirtg.yml
$ csirtg-smrt -r csirtg.yml -f port-scanners --format table|csv|bro

2017-04-12 12:22:26,244 - INFO - csirtg_smrt.smrt[416] - loglevel is: INFO
2017-04-12 12:22:26,244 - INFO - csirtg_smrt.smrt[116] - processing csirtg.yml
2017-04-12 12:22:26,251 - INFO - csirtg_smrt.smrt[315] - processing: csirtg.yml - csirtg.io:port-scanners
+-------+----------+----------------------------+-----------------+-------+------------+---------+----------------------------------+-------+-----------+
|  tlp  |  group   |          lasttime          |    indicator    | count | confidence |   tags  |           description            | rdata | provider  |
+-------+----------+----------------------------+-----------------+-------+------------+---------+----------------------------------+-------+-----------+
| white | everyone | 2017-04-12T16:22:06.00000Z |   59.27.82.202  |   1   |    9.0     | scanner | sourced from firewall logs (in.. |       | csirtg.io |
| white | everyone | 2017-04-12T16:21:43.00000Z |  31.162.111.152 |   1   |    9.0     | scanner | sourced from firewall logs (in.. |       | csirtg.io |
| white | everyone | 2017-04-12T16:20:29.00000Z |    5.238.33.0   |   1   |    9.0     | scanner | sourced from firewall logs (in.. |       | csirtg.io |
...


Getting Involved

There are many ways to get involved with the project. If you have a new and exciting feature, or even a simple bugfix, simply fork the repo, create some simple test cases, open a pull request and give yourself credit!

If you've never worked on a GitHub project, this is a good piece for getting started.

COPYRIGHT AND LICENCE

Copyright (C) 2018 CSIRT Gadgets Foundation

Free use of this software is granted under the terms of the Mozilla Public License (MPL2). For details see the file LICENSE included with the distribution.
