SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.

Stars: ✭ 49 (+157.89%)

Mutual labels: misp, threat-intelligence

misp-objects

Definition, description and relationship types of MISP objects

Stars: ✭ 73 (+284.21%)

Mutual labels: misp, information-sharing

ThePhish

ThePhish: an automated phishing email analysis tool

Stars: ✭ 676 (+3457.89%)

Mutual labels: misp, threat-intelligence

ThreatIntelligence

Tracking APT IOCs

Stars: ✭ 23 (+21.05%)

Mutual labels: threat-sharing, threat-intelligence

intelligence-icons

intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.

Stars: ✭ 32 (+68.42%)

Mutual labels: misp, threat-intelligence

cycat-service

CyCAT.org API back-end server including crawlers

Stars: ✭ 25 (+31.58%)

Mutual labels: misp, threat-intelligence

training-materials

No description or website provided.

Stars: ✭ 47 (+147.37%)

Mutual labels: misp

Azure-Sentinel-4-SecOps

Microsoft Sentinel SOC Operations

Stars: ✭ 140 (+636.84%)

Mutual labels: threat-intelligence

censys-recon-ng

recon-ng modules for Censys

Stars: ✭ 29 (+52.63%)

Mutual labels: threat-intelligence

pyeti

Python bindings for Yeti's API

Stars: ✭ 15 (-21.05%)

Mutual labels: threat-sharing

Scrummage

The Ultimate OSINT and Threat Hunting Framework

Stars: ✭ 355 (+1768.42%)

Mutual labels: threat-intelligence

MurMurHash

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Stars: ✭ 79 (+315.79%)

Mutual labels: threat-intelligence

View All Similar Projects ➔

misp-takedown

A curses-style interface for generating automatic takedown notifications through RT/RTIR using MISP events as input.

Disclaimer

This code is a surprisingly well working result of an experiment. However, the code needs improvements here and there. Also, the installation process regarding urlabuse, uwhoisd, MISP and RT/RTIR is not the most straight forward. We'd be happy to find contributors for code improvements and installation documentation. Both could be part of an internship at CIRCL. Reach out if you are interested.

Requirements

misp-takedown requires a MISP instance (API access) and:

urlabuse
uwhoisd for lookup of abuse email addresses.
RT/RTIR

Templates included

A series of notification templates are included, such as:

It can be easily extended to match your abuse notification processes and/or templates.

Demo

What it looks like: video screencast

License

This software is licensed under GNU Affero General Public License version 3

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

MISP / misp-takedown

Programming Languages

Labels

Projects that are alternatives of or similar to misp-takedown

misp-takedown

Disclaimer

Requirements

Templates included

Demo

License