Top 23 Python threat-intelligence Projects
-
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
-
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
-
Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
-
opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
-
misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
-
misp-modules
Modules for expansion services, enrichment, import and export in MISP and other tools. (by MISP)
-
kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
-
threatbus
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
-
malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)
-
MISP-maltego
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
If you're looking to learn on your own, try mikeroyal's digital forensics guide on GitHub. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
Project mention: How do you deal with phishing emails at your company? | /r/cybersecurity | 2023-05-14
A different solution that runs locally is opensquat.
https://github.com/atenreiro/opensquat
MISP Threat Actor Galaxy
Connector on GitHub - https://github.com/OpenCTI-Platform/connectors/tree/master/stream/splunk
Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14
Python threat-intelligence related posts
- Have I Been Squatted?
- OpenSquat
- How to integrate openCTI with Splunk?
- Lists
- Does anyone know what cdn4image.com is? I’ve searched but can’t find anything relevant to why it’s always showing up in my logs.
- How to find a similar looking domains
- Have I Been Squatted – free DNS typosquatting platform
Index
What are some of the best open-source threat-intelligence projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | spiderfoot | 11,723 |
2 | dnstwist | 4,535 |
3 | IntelOwl | 3,103 |
4 | Digital-Forensics-Guide | 1,335 |
5 | harpoon | 1,133 |
6 | ThePhish | 1,005 |
7 | Watcher | 795 |
8 | CyberThreatHunting | 792 |
9 | ThreatIngestor | 781 |
10 | opensquat | 648 |
11 | Scrummage | 488 |
12 | iocextract | 485 |
13 | misp-galaxy | 480 |
14 | misp-warninglists | 475 |
15 | misp-modules | 324 |
16 | connectors | 324 |
17 | kestrel-lang | 273 |
18 | threatbus | 254 |
19 | malware-ioc | 196 |
20 | MISP-maltego | 165 |
21 | TwiTi | 163 |
22 | kc7 | 156 |
23 | TypeDB CTI | 134 |