opencti
shhgit
Our great sponsors
opencti | shhgit | |
---|---|---|
9 | 7 | |
4,511 | 3,778 | |
5.2% | - | |
10.0 | 0.0 | |
6 days ago | 7 months ago | |
TypeScript | JavaScript | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
opencti
-
Creating a cyber threat intelligence tool
It sounds like you want to jump into game development before learning how to write "Hello, world!". Try using any of the open source tools that already do this and sign up for some "free" threat intel tools and learn the lay of the land. https://www.misp-project.org/ https://github.com/OpenCTI-Platform/opencti https://iplists.firehol.org/ https://www.greynoise.io/
-
Threat analysis visualization?
An image - OpenCTI IOC Visualisation The system - OpenCTI Github
shhgit
- Tencent WeChat is now a GitHub secret scanning partner
- Around 50,000 GitHub credentials leaked as metadata inside commits
-
TruffleHog v3 – Detect and automatically verify over 600 credential types
There are a lot of secret detection tools out there. It probably is going to depend a lot on the specific features you care about. I personally really like shhgit[0] which is MIT licensed and is the tool I've found to most match my workflows.
- Ask HN: What are the best automated tools for keeping credentials out of GitHub?
What are some alternatives?
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
deepdarkCTI - Collection of Cyber Threat Intelligence sources from the deep and dark web
firewalla - http://firewalla.com
Shuffle - Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
CaptfEncoder - Captfencoder is opensource a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.
awesome-nodejs-security - Awesome Node.js Security resources
git-secrets - Prevents you from committing secrets and credentials into git repositories
trufflehog - Find and verify credentials
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
gitleaks - Protect and discover secrets using Gitleaks 🔑
blocklist-ipsets - ipsets dynamically updated with firehol's update-ipsets.sh script
detect-secrets - A developer-friendly secrets detection tool for CI and pre-commit hooks based on Yelp's detect-secrets