Cortex
IntelOwl
| | Cortex | IntelOwl |
|---|---|---|
| Mentions | 4 | 13 |
| Stars | 1,237 | 3,072 |
| Growth (stars, month over month) | 2.9% | 2.5% |
| Activity | 4.9 | 9.6 |
| Latest commit | 2 months ago | 6 days ago |
| Language | Scala | Python |
| License | GNU Affero General Public License v3.0 | GNU Affero General Public License v3.0 |
- Stars - the number of stars that a project has on GitHub.
- Growth - month over month growth in stars.
- Activity - a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones. For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Cortex
- Launch HN: Opstrace (YC S19) – open-source Datadog
Thanks for the correction! You linked to the right Cortex, not to be confused with https://github.com/TheHive-Project/Cortex, haha. https://github.com/cortexproject/cortex is what we talk about. Naming is hard.
IntelOwl
- Monthly Security Checklist
- Threat detection
One thing I ran for a while was Security Onion, and I utilized port mirroring to mirror the uplink port from my primary switch to my LAN on my router, so I was catching anything coming into/out of my network destined for the internet. I've also used ElastiFlow ( https://github.com/robcowart/elastiflow ), which is absolutely phenomenal and awesome; I did the same and it provides some great data. You could also leverage IntelOwl ( https://github.com/intelowlproject/IntelOwl ). One thing I have added to all my VMs is an OSSEC agent, Wazuh to be specific, which is free ( https://github.com/wazuh/wazuh ), and while I am not using it to its full potential, such as monitoring file deletions/modifications etc., it is a powerful tool.
- [Tool] Intel Owl v3.0.0, free and open source threat intelligence solution
- IOCs Validation
https://github.com/intelowlproject/IntelOwl and MISP; however, they both require a little bit of setup and such.
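Part of the "setup and such" behind the IOC validation mentioned above is getting indicators into a shape IntelOwl will accept: reports arrive defanged (`hxxp://`, `[.]`), mixed-case, and sometimes containing your own internal addresses, which you do not want forwarded to third-party intel services. The following is an added example written for this page, not code from the IntelOwl or MISP projects. It refangs each indicator, classifies it into IntelOwl's observable classes (`ip`, `domain`, `url`, `hash`, `generic`), and builds a request body in the shape of IntelOwl's `POST /api/analyze_observable` endpoint as I understand it (an assumption; check it against the API docs of your IntelOwl version). The sample indicators and the list of internal networks are constructed for the example.

```python
"""Refang, classify and sanity-check IOCs before submitting them to IntelOwl.

Added example, not IntelOwl/MISP project code. The request body mirrors
IntelOwl's POST /api/analyze_observable as I understand it (assumption);
the observable classes ip/domain/url/hash/generic are IntelOwl's own terms.
"""
import ipaddress
import re
from urllib.parse import urlparse

# Defanging conventions commonly seen in threat reports (our own list).
_DOT_VARIANTS = re.compile(r"\[\.\]|\(\.\)|\{\.\}|\\\.")
_HASH_RE = re.compile(r"[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64}|[0-9a-f]{128}", re.I)
_DOMAIN_RE = re.compile(r"(?=.{1,253}$)(?!-)(?:[a-z0-9-]{1,63}\.)+[a-z]{2,63}")
_SCHEME_RE = re.compile(r"[a-z][a-z0-9+.-]*://", re.I)

# Address space you never want to hand to external intel services:
# RFC 1918, loopback and link-local. Listed explicitly (rather than using
# ipaddress.is_private) so documentation ranges such as 198.51.100.0/24
# are still accepted as demo input.
_INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "::1/128", "fe80::/10")]


def refang(ioc: str) -> str:
    """Undo common defanging: hxxp -> http, [.] -> ., [:] -> :, [@] -> @."""
    s = ioc.strip()
    s = re.sub(r"hxxp", "http", s, flags=re.I)
    s = _DOT_VARIANTS.sub(".", s)
    return s.replace("[://]", "://").replace("[:]", ":").replace("[@]", "@")


def classify(observable: str) -> str:
    """Map a refanged observable to an IntelOwl observable classification."""
    if _HASH_RE.fullmatch(observable):          # md5 / sha1 / sha256 / sha512
        return "hash"
    try:
        ipaddress.ip_address(observable)        # v4 or v6
        return "ip"
    except ValueError:
        pass
    if _SCHEME_RE.match(observable) and urlparse(observable).netloc:
        return "url"
    if _DOMAIN_RE.fullmatch(observable.lower()):
        return "domain"
    return "generic"


def build_analyze_request(raw_ioc, analyzers_requested=(), tlp="CLEAR"):
    """Return the JSON body for one observable, or None if it must not be sent."""
    observable = refang(raw_ioc)
    kind = classify(observable)
    if kind in ("hash", "domain"):
        observable = observable.lower()         # normalise so dedup/caching works
    if kind == "ip":
        addr = ipaddress.ip_address(observable)
        if any(addr in net for net in _INTERNAL_NETS):
            return None                         # would leak internal infrastructure
    return {
        "observable_name": observable,
        "observable_classification": kind,
        "analyzers_requested": list(analyzers_requested),  # empty: caller decides
        "tlp": tlp,
    }


def triage(iocs):
    """Split a raw IOC list into request bodies and (ioc, reason) skips."""
    requests, skipped = [], []
    for ioc in iocs:
        body = build_analyze_request(ioc)
        if body is None:
            skipped.append((ioc, "internal address"))
        else:
            requests.append(body)
    return requests, skipped


# Constructed sample input for the example, not taken from any real report.
SAMPLE_IOCS = [
    "hxxp://evil[.]example[.]com/payload.exe",
    "198[.]51[.]100[.]23",
    "10.0.0.5",
    "D41D8CD98F00B204E9800998ECF8427E",
    "login.example[.]org",
    "not an ioc",
]

if __name__ == "__main__":
    reqs, skips = triage(SAMPLE_IOCS)
    for body in reqs:
        print(f"{body['observable_classification']:8} {body['observable_name']}")
    for ioc, why in skips:
        print(f"skipped  {ioc} ({why})")
```

Run it and the `10.0.0.5` entry is reported as skipped while the other five come out as `url`, `ip`, `hash`, `domain` and `generic` request bodies ready to be posted with your API token. Keep the `_INTERNAL_NETS` list in step with your own address plan; the same check is worth applying before pushing attributes into MISP.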
What are some alternatives?
- Kuiper - Digital Forensics Investigation Platform
- TheHiveDocs - Documentation of TheHive
- intelmq - IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
- PatrowlManager - PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
- catalyst - Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
- dumpulator - An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
- pyintelowl - Robust Python SDK and Command Line Client for interacting with IntelOwl's API.
- opensquat - The openSquat project is an open-source solution for detecting domain look-alikes by searching for newly registered domains that might be impersonating other legit domains.
- harpoon - CLI tool for open source and threat intelligence
- Scrummage - The Ultimate OSINT and Threat Hunting Framework
- dfir-orc - Forensics artefact collection tool for systems running Microsoft Windows
- pagodo - pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching