IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Updated Jul 4, 2024 - Python
Distributed malware processing framework based on Python, Redis and S3.
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
File type classifier for the Karton framework.
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes.
File and analysis artifacts YARA matcher for Karton framework
BGP Ranking is free software to calculate the security ranking of Internet Service Providers (ASN)
Static configuration extractor for the Karton framework
Extractor of various archive formats for Karton framework
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
CSV processing and mutual conversion of web-related data types
AutoIt script ripper for Karton framework
Karton service that uploads analyzed artifacts and metadata to MWDB Core
Incident Response Network Tools
Automation SIG
Various decoders for ASCII-encoded executables for Karton framework
IntelMQ command line tool to process events and send out email notifications.
A small program to monitor the latest published vulnerabilities, match them against the desired brands and products, and announce them via email, Discord, etc.