All Projects → OpenCTI-Platform → Opencti

OpenCTI-Platform / Opencti

Licence: apache-2.0
Authors

Programming Languages

javascript
184084 projects - #8 most used programming language
CSS
56736 projects

Projects that are alternatives of or similar to Opencti

Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+217.88%)
Mutual labels:  osint, cybersecurity, cti, threat-intelligence
Misp
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Stars: ✭ 3,485 (+60.97%)
Mutual labels:  cybersecurity, threat-intelligence, intelligence, cti
Dfw1n Osint
Australian Open Source Intelligence Gathering Resources, Australias Largest Open Source Intelligence Repository for Cyber Professionals and Ethical Hackers
Stars: ✭ 63 (-97.09%)
Mutual labels:  osint, cybersecurity, intelligence
Osweep
Don't Just Search OSINT. Sweep It.
Stars: ✭ 225 (-89.61%)
Mutual labels:  osint, cybersecurity, threat-intelligence
client-python
OpenCTI Python Client
Stars: ✭ 45 (-97.92%)
Mutual labels:  cybersecurity, cti, threat-intelligence
censys-recon-ng
recon-ng modules for Censys
Stars: ✭ 29 (-98.66%)
Mutual labels:  osint, cybersecurity, threat-intelligence
Scylla
The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 424 (-80.42%)
Mutual labels:  intelligence, osint, cybersecurity
Scylla
The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Stars: ✭ 154 (-92.89%)
Mutual labels:  osint, cybersecurity, intelligence
YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Stars: ✭ 22 (-98.98%)
Mutual labels:  intelligence, cybersecurity, threat-intelligence
Analyst Arsenal
A toolkit for Security Researchers
Stars: ✭ 112 (-94.83%)
Mutual labels:  osint, cybersecurity, threat-intelligence
connectors
OpenCTI connectors
Stars: ✭ 135 (-93.76%)
Mutual labels:  cybersecurity, cti, threat-intelligence
cycat-service
CyCAT.org API back-end server including crawlers
Stars: ✭ 25 (-98.85%)
Mutual labels:  cybersecurity, cti, threat-intelligence
Open-source-tools-for-CTI
Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Stars: ✭ 91 (-95.8%)
Mutual labels:  osint, cybersecurity, cti
Chatter
internet monitoring osint telegram bot for windows
Stars: ✭ 123 (-94.32%)
Mutual labels:  osint, cybersecurity, threat-intelligence
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (-62.4%)
Mutual labels:  osint, intelligence
Harpoon
CLI tool for open source and threat intelligence
Stars: ✭ 679 (-68.64%)
Mutual labels:  osint, threat-intelligence
Probe spider
Probe_Spider is a Open Source Intelligence Tool made complete out of Python.
Stars: ✭ 20 (-99.08%)
Mutual labels:  osint, cybersecurity
Urlhunter
a recon tool that allows searching on URLs that are exposed via shortener services
Stars: ✭ 934 (-56.86%)
Mutual labels:  osint, intelligence
Besafe
BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you
Stars: ✭ 21 (-99.03%)
Mutual labels:  cybersecurity, threat-intelligence
Ioc Explorer
Explore Indicators of Compromise Automatically
Stars: ✭ 73 (-96.63%)
Mutual labels:  cybersecurity, threat-intelligence

OpenCTI

DeepScan grade

Introduction

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.

The structuration of the data is performed using a knowledge schema based on the STIX2 standards. It has been designed as a modern web application including a GraphQL API and an UX oriented frontend. Also, OpenCTI can be integrated with other tools and applications such as MISP, TheHive, MITRE ATT&CK, etc.

Screenshot

Objective

The goal is to create a comprehensive tool allowing users to capitalize technical (such as TTPs and observables) and non-technical information (such as suggested attribution, victimology etc.) while linking each piece of information to its primary source (a report, a MISP event, etc.), with features such as links between each information, first and last seen dates, levels of confidence, etc. The tool is able to use the MITRE ATT&CK framework (through a dedicated connector) to help structure the data. The user can also choose to implement their own datasets.

Once data has been capitalized and processed by the analysts within OpenCTI, new relations may be inferred from existing ones to facilitate the understanding and the representation of this information. This allows the user to extract and leverage meaningful knowledge from the raw data.

OpenCTI not only allows imports but also exports of data under different formats (CSV, STIX2 bundles, etc.). Connectors are currently developed to accelerate interactions between the tool and other platforms.

Documentation and demonstration

If you want to know more on OpenCTI, you can read the documentation on the tool. If you wish to discover how the OpenCTI platform is working, a demonstration instance is available and open to everyone. This instance is reset every night and is based on reference data maintained by the OpenCTI developers.

Releases download

The releases are available on the Github releases page. You can also access the rolling release package generated from the master branch of the repository.

Installation

All you need to install the OpenCTI platform can be found in the official documentation. For installation, you can:

Luatix's members

Founders

Sponsors

Advisory board

Contributing

Code of Conduct

OpenCTI has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.

Contributing Guide

Read our contributing guide to learn about our development process, how to propose bugfixes and improvements, and how to build and test your changes to OpenCTI.

Beginner friendly issues

To help you get you familiar with our contribution process, we have a list of beginner friendly issues which are fairly easy to implement. This is a great place to get started.

Development

If you want to actively help OpenCTI, we created a dedicated documentation about the deployment of a development environement and how to start the source code modification.

Community

Status & bugs

Currently OpenCTI is under heavy development, if you wish to report bugs or ask for new features, you can directly use the Github issues module.

Discussion

If you need support or you wish to engage a discussion about the OpenCTI platform, feel free to join us on our Slack channel. You can also send us an email to [email protected].

About

Authors

OpenCTI is a product powered by the collaboration of the French national cybersecurity agency (ANSSI), the CERT-EU and the Luatix non-profit organization.

GDPR and the OpenCTI OpenStreetMap server

In order to provide OpenCTI users with cartography features, the platform uses a dedicated OpenStreetMap server (https://map.opencti.io). To monitor usage and adapt services performances, Luatix collects access log to this server (including IP addresses).

By using this server, you authorize Luatix to collect this information. Otherwise, you are free to deploy your own OpenStreetMap server and modify the platform configuration accordingly.

If you have started using the Luatix server and change your mind, you have the right to access, limit, rectify, erase and receive your data. To exercise your rights, please send your request to [email protected].

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].