Defund the Police.
-
Updated
Jun 7, 2024
Defund the Police.
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Your Everyday Threat Intelligence
Python library using the MISP Rest API
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
Extract and aggregate threat intelligence.
A (nearly) production ready Dockered MISP
Defanged Indicator of Compromise (IOC) Extractor.
TAXII server implementation in Python from EclecticIQ
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
Personal compilation of APT malware from whitepaper releases, documents and own research
CIF v3 -- the fastest way to consume threat intelligence
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
A utility repo to assist with converting between MISP and STIX formats
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
The Project can be used to integrate QRadar with MISP Threat Sharing Platform
Best practices in threat intelligence
TAXII client implementation from EclecticIQ
Add a description, image, and links to the threat-sharing topic page so that developers can more easily learn about it.
To associate your repository with the threat-sharing topic, visit your repo's landing page and select "manage topics."