GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → CyCat-project → cycat-service

CyCat-project / cycat-service

Licence: AGPL-3.0 license
CyCAT.org API back-end server including crawlers

Programming Languages

python
139335 projects - #7 most used programming language
shell
77523 projects

Labels

cybersecuritymispctithreat-intelligencemitre-attackcycat

Projects that are alternatives of or similar to cycat-service

connectors
OpenCTI connectors
Stars: ✭ 135 (+440%)
Mutual labels:  cybersecurity, misp, cti, threat-intelligence, mitre-attack
Misp
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+13840%)
Mutual labels:  cybersecurity, misp, cti, threat-intelligence
mitreattack-python
A python module for working with ATT&CK
Stars: ✭ 208 (+732%)
Mutual labels:  cybersecurity, cti, mitre-attack
YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-12%)
Mutual labels:  cybersecurity, misp, threat-intelligence
ThePhish
ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+2604%)
Mutual labels:  cybersecurity, misp, threat-intelligence
attack-evals
ATT&CK Evaluations website (DEPRECATED)
Stars: ✭ 57 (+128%)
Mutual labels:  cybersecurity, cti, mitre-attack
Opencti
Authors
Stars: ✭ 2,165 (+8560%)
Mutual labels:  cybersecurity, cti, threat-intelligence
attckr
⚔️MITRE ATT&CK Machinations in R
Stars: ✭ 22 (-12%)
Mutual labels:  cybersecurity, threat-intelligence, mitre-attack
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+27428%)
Mutual labels:  cybersecurity, cti, threat-intelligence
mitrecnd.github.io
MITRE Shield website
Stars: ✭ 17 (-32%)
Mutual labels:  cybersecurity, cti, mitre-attack
client-python
OpenCTI Python Client
Stars: ✭ 45 (+80%)
Mutual labels:  cybersecurity, cti, threat-intelligence
Caldera
Automated Adversary Emulation Platform
Stars: ✭ 3,126 (+12404%)
Mutual labels:  cybersecurity, mitre-attack
Attack Website
MITRE ATT&CK Website
Stars: ✭ 231 (+824%)
Mutual labels:  cybersecurity, mitre-attack
mail to misp
Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
Stars: ✭ 61 (+144%)
Mutual labels:  misp, threat-intelligence
Osweep
Don't Just Search OSINT. Sweep It.
Stars: ✭ 225 (+800%)
Mutual labels:  cybersecurity, threat-intelligence
Abused-Legitimate-Services
Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
Stars: ✭ 42 (+68%)
Mutual labels:  cybersecurity, cti
attack-stix-data
STIX data representing MITRE ATT&CK
Stars: ✭ 118 (+372%)
Mutual labels:  cybersecurity, cti
attack to veris
The principal objectives and outputs of this project are the creation and dissemination of an extension to the VERIS schema incorporating ATT&CK mappings and associated usage documentation.
Stars: ✭ 56 (+124%)
Mutual labels:  cybersecurity, mitre-attack
intelligence-icons
intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.
Stars: ✭ 32 (+28%)
Mutual labels:  misp, threat-intelligence
Malware-Sample-Sources
Malware Sample Sources
Stars: ✭ 214 (+756%)
Mutual labels:  cybersecurity, threat-intelligence
View All Similar Projects ➔

CyCAT.org API services

Back-end

  • back-end - software to run your own CyCAT.org API service. This software runs the official API for CyCAT.org available at api.cycat.org.

Documentation

  • CyCAT - The Cybersecurity Resource Catalogue public API services document is available as OpenAPI 2.0 swagger file.
  • PDF of the CyCAT API.

API Usage and Examples

Search by namespace topic

curl -X 'GET' \
  'https://api.cycat.org/namespace/finduuid/mitre-attack-id/T1216' \
  -H 'accept: application/json'

Searching for all the known items in CyCAT about the MITRE ATT&CK T1216 returns the following UUIDs

[
  "a0459f02-ac51-4c09-b511-b8c9203fc429",
  "f588e69b-0750-46bb-8f87-0e9320d57536",
  "39776c99-1c7b-4ba0-b5aa-641525eee1a4",
  "59e938ff-0d6d-4dc3-b13f-36cc28734d4e",
  "6609c444-9670-4eab-9636-fe4755a851ce",
  "51048ba0-a5aa-41e7-bf5d-993cd217dfb2",
  "9df0dd3a-1a5c-47e3-a2bc-30ed177646a0",
  "4cd29327-685a-460e-9dac-c3ab96e549dc",
  "99465c8f-f102-4157-b11c-b0cddd53b79a",
  "074e0ded-6ced-4ebd-8b4d-53f55908119d",
  "f6fe9070-7a65-49ea-ae72-76292f42cebe",
  "c363385c-f75d-4753-a108-c1a8e28bdbda"
]

Fetch item by UUID

curl -X 'GET' \
  'https://api.cycat.org/lookup/4cd29327-685a-460e-9dac-c3ab96e549dc' \
  -H 'accept: application/json'

{
  "description": "Detects Execution via SyncInvoke in CL_Invocation.ps1 module",
  "raw": "author: oscd.community, Natalia Shornikova\ndate: 2020/10/14\ndescription: Detects Execution via SyncInvoke in CL_Invocation.ps1 module\ndetection:\n  condition: selection\n  selection:\n    EventID: 4104\n    ScriptBlockText|contains|all:\n    - CL_Invocation.ps1\n    - SyncInvoke\nfalsepositives:\n- Unknown\nid: 4cd29327-685a-460e-9dac-c3ab96e549dc\nlevel: high\nlogsource:\n  product: windows\n  service: powershell\nmodified: 2021/05/21\nreferences:\n- https://github.com/LOLBAS-Project/LOLBAS/blob/master/yml/OSScripts/Cl_invocation.yml\n- https://twitter.com/bohops/status/948061991012327424\nstatus: experimental\ntags:\n- attack.defense_evasion\n- attack.t1216\ntitle: Execution via CL_Invocation.ps1\n",
  "sigma:id": "4cd29327-685a-460e-9dac-c3ab96e549dc",
  "title": "Execution via CL_Invocation.ps1",
  "_cycat_type": "Item"
}

Fetch relationships of an UUID

curl -X 'GET' \
  'https://api.cycat.org/relationships/fbd29c89-18ba-4c2d-b792-51c0adee049f' \
  -H 'accept: application/json'

[
  "24bfaeba-cb0d-4525-b3dc-507c77ecec41",
  "b21c3b2d-02e6-45b1-980b-e69051040839",
  "e6919abc-99f9-4c6c-95a5-14761e7b2add",
  "cb69b20d-56d0-41ab-8440-4a4b251614d4",
  "2dc2b567-8821-49f9-9045-8740f3d0b958",
  "692074ae-bb62-4a5e-a735-02cb6bde458c",
  "b3d682b6-98f2-4fb0-aa3b-b4df007ca70a",
  "837f9164-50af-4ac0-8219-379d8a74cefc",
  "df8b2a25-8bdf-4856-953c-a04372b1c161",
  "8d7bd4f5-3a89-4453-9c82-2c8894d5655e",
  "e85cae1a-bce3-4ac4-b36b-b00acac0567b",
  "005a06c6-14bf-4118-afa0-ebcd8aebb0c9",
  "58a3e6aa-4453-4cc8-a51f-4befe80b31a8",
  "fb8d023d-45be-47e9-bc51-f56bcae6435b",
  "b76b2d94-60e4-4107-a903-4a3a7622fb3b",
  "3433a9e8-1c47-4320-b9bf-ed449061d1c3",
  "910906dd-8c0a-475a-9cc1-5e029e2fad58",
  "cf23bf4a-e003-4116-bbae-1ea6c558d565",
  "13cd9151-83b7-410d-9f98-25d0f0d1d80d",
  "afc079f3-c0ea-4096-b75d-3f05338b7f60",
  "ef67e13e-5598-4adc-bdb2-998225874fa9",
  "2b742742-28c3-4e1b-bab7-8350d6300fa7",
  "be2dcee9-a7a7-4e38-afd6-21b31ecc3d63",
  "9efb1ea7-c37b-4595-9640-b7680cd84279",
  "c5e3cdbc-0387-4be9-8f83-ff5c0865f377",
  "03342581-f790-4f03-ba41-e82e67392e23",
  "4b57c098-f043-4da2-83ef-7588a6d426bc",
  "db1355a7-e5c9-4e2c-8da7-eccf2ae9bf5c",
  "232b7f21-adf9-4b42-b936-b9d6f7df856e",
  "2a70812b-f1ef-44db-8578-a496a227aef2",
  "6add2ab5-2711-4e9d-87c8-7a0be8531530",
  "f5352566-1a64-49ac-8f7f-97e1d1a03300",
  "b17a1a56-e99c-403c-8948-561df0cffe81",
  "3fc9b85a-2862-4363-a64d-d692e3ffbee0",
  "1ecfdab8-7d59-4c98-95d4-dc41970f57fc",
  "00f90846-cbd1-4fc5-9233-df5c2bf2a662",
  "3257eb21-f9a7-4430-8de1-d8b6e288f529",
  "04fd5427-79c7-44ea-ae13-11b24778ff1c",
  "65f2d882-3f41-4d48-8a06-29af77ec9f90",
  "970a3432-3237-47ad-bcca-7d8cbb217736",
  "b18eae87-b469-4e14-b454-b171b416bc18",
  "dfd7cc1d-e1d8-4394-a198-97c4cab8aa67",
  "b4d80f8b-d2b9-4448-8844-4bef777ed676",
  "c848fcf7-6b62-4bde-8216-b6c157d48da0",
  "648f995e-9c3a-41e4-aeee-98bb41037426",
  "90ac9266-68ce-46f2-b24f-5eb3b2a8ea38",
  "8dbadf80-468c-4a62-b817-4e4d8b606887",
  "f232fa7a-025c-4d43-abc7-318e81a73d65",
  "2e34237d-8574-43f6-aace-ae2915de8597"
]

Full-text search on CyCAT backend

curl -X 'GET' \
  'https://api.cycat.org/search/APT33' \
  -H 'accept: application/json'

Will return all the UUIDs matching the keyword queried (in this case APT33). Then the returned UUIDs can be used to find relationships and corresponding items.

[
  "db1355a7-e5c9-4e2c-8da7-eccf2ae9bf5c",
  "fbd29c89-18ba-4c2d-b792-51c0adee049f",
  "4f69ec6d-cb6b-42af-b8e2-920a2aa4be10",
  "2a70812b-f1ef-44db-8578-a496a227aef2",
  "2a70812b-f1ef-44db-8578-a496a227aef2",
  "8dbadf80-468c-4a62-b817-4e4d8b606887",
  "fab34d66-5668-460a-bc0f-250b9417cdbf",
  "e85cae1a-bce3-4ac4-b36b-b00acac0567b",
  "5de6335d-e128-4bc0-87e2-4db4950d210f",
  "08d5b8a4-e752-48f3-ac6d-944807146ce7",
  "15dd8386-f11a-485a-b719-440c0a47dee6",
  "ab603f29-9c10-4fb0-9fa3-e123fad11a31",
  "cfdb02f2-a767-4abb-b04c-333a02cdd7e2",
  "0c5bc5c8-5136-413a-bc5a-e13333271f49",
  "f9aa9004-8811-4091-a471-38f81dbcadc4",
  "5086a6e0-53b2-4d96-9eb3-a0237da2e591",
  "8a789016-5f8d-4cd9-ba96-ba253db42fd8",
  "f29b7c5e-2439-42ad-a86f-9f8984fafae3",
  "1acd0c6c-7aff-462e-94ff-7544b1692740",
  "accd848b-b8f4-46ba-a408-9063b35cfbf2",
  "2894aee2-e0ec-417a-811e-74a68ab967b2",
  "05252643-093b-4070-b62f-d5836683a9fa",
  "b18eae87-b469-4e14-b454-b171b416bc18",
  "588fb91d-59c6-4667-b299-94676d48b17b",
  "036bd099-fe80-46c2-9c4c-e5c6df8dcdee",
  "d29eb927-d53d-4af2-b6ce-17b3a1b34fe7"
]

Crawlers available to feed the CyCAT back-end

License

CyCAT.org back-end software is released under the AGPL version 3.

Copyright (c) 2021 Alexandre Dulaunoy
Copyright (c) 2021 CyCAT.org project
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].