507 Open source projects that are alternatives of or similar to Threat Intel

Malware Sample Sources

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Bringing you the best of the worst files on the Internet.

Clusters and elements to attach to MISP events or attributes (like threat actors)

Personal compilation of APT malware from whitepaper releases, documents and own research

Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.

Owlyshield is an EDR framework designed to safeguard vulnerable applications from potential exploitation (C&C, exfiltration and impact))..

A helper to run OSINT queries & manage results continuously

Don't Just Search OSINT. Sweep It.

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

Malware hashes for open source projects.

StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.

PatrowlHears - Vulnerability Intelligence Center / Exploits

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Find phishing kits which use your brand/organization's files and image.

Kaspersky's GReAT KLara

A simple threat hunting tool based on osquery, Salt Open and Cymon API

The Ultimate OSINT and Threat Hunting Framework

Python 3 Wrapper for the BinaryEdge API https://www.binaryedge.io/

Capture passwords of login attempts on non-existent and disabled accounts.

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

FCL (Fileless Command Lines) - Known command lines of fileless malicious executions

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

Extract and aggregate threat intelligence.

Malcom - Malware Communications Analyzer

Explore Indicators of Compromise Automatically

Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings

Real-time HTTP Intrusion Detection

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

Tracking APT IOCs

ThePhish: an automated phishing email analysis tool

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A toolkit for Security Researchers

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Microsoft Sentinel SOC Operations

Threat Hunting queries for various attacks

recon-ng modules for Censys

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

Threat research and reporting from IronNet's Threat Research Teams

🐺 Malware analysis platform

Utilities for Sysmon

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

🐺 Malware analysis platform

🚌 The missing link to connect open-source threat intelligence tools.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Signature base for my scanner tools

All-in-one bundle of MISP, TheHive and Cortex

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Warning lists to inform users of MISP about potential false-positives or other information in indicators

⌨️ Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

AMWScan (PHP Antimalware Scanner) is a free tool to scan php files and analyze your project to find any malicious code inside it.

Pythonic ransomware proof of concept.

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.

This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY

Repository containting original and decompiled files of TRISIS/TRITON/HATMAN malware

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI

Sandbox for automated Linux malware analysis.