atc-react
A knowledge base of actionable Incident Response techniques (by atc-project)
IntelOwl
IntelOwl: manage your Threat Intelligence at scale (by intelowlproject)
atc-react | IntelOwl
---|---
1 | 13
571 | 3,114
0.0% | 1.0%
10.0 | 9.8
almost 2 years ago | 2 days ago
Python | Python
Apache License 2.0 | GNU Affero General Public License v3.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user-suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
atc-react
Posts with mentions or reviews of atc-react.
We have used some of these posts to build our list of alternatives
and similar projects.
- Mitre deTTECT
  Does anyone know of something similar to M.Att&ck for incident response? I found this: https://github.com/atc-project/atc-react It looks good but seems pretty dead :?
IntelOwl
Posts with mentions or reviews of IntelOwl.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-06-25.
- Monthly Security Checklist
- To GSoC and beyond...
  Allowed bulk analysis of files as well as observables, leading to a more efficient workflow for IntelOwl users. #1032
- IntelOwl 101
  If you want to know how IntelOwl works and its underlying architecture, visit their GitHub and website.
- Threat detection
  One thing I ran for a while was Security Onion, and I utilized port mirroring to mirror the uplink port from my primary switch to my LAN on my router, so I was catching anything coming into/out of my network destined for the internet. I've also used ElastiFlow (https://github.com/robcowart/elastiflow), which is absolutely phenomenal and awesome; I did the same and it provides some great data. You could also leverage IntelOwl (https://github.com/intelowlproject/IntelOwl). One thing I have added to all my VMs is an OSSEC agent, Wazuh to be specific, which is free (https://github.com/wazuh/wazuh), and while I am not using it to its full potential, such as monitoring file deletions/modifications etc., it is a powerful tool.
- [Tool] Intel Owl new release v3.0.0 (FOSS threat intel solution)
- [Tool] Intel Owl v3.0.0, free and open source threat intelligence solution
- [FOSS] IntelOwl v2.3.0 is out!
- Intel Owl is an OSINT solution to get threat intelligence data about a specific file, an IP or a domain from a single API at scale (OS TIP)
- IOCs Validation
  https://github.com/intelowlproject/IntelOwl And MISP - however they both require a little bit of setup and such.
- Threat Intelligence