Top 15 Python Threatintel Projects
-
kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
-
threatbus
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
-
malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)
-
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
-
MISP-QRadar-Integration
The Project can be used to integrate QRadar with MISP Threat Sharing Platform
Project mention: Brute.Fail Watch brute force attacks in real time | news.ycombinator.com | 2023-06-02
Thanks for the reference; after some link chasing I was able to end up on the project I believe you're thinking of: https://github.com/cowrie/cowrie#features (appears to be BSD-3-Clause: https://github.com/cowrie/cowrie/blob/master/LICENSE.rst )
Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14
Python Threatintel related posts
- Hey. How does one find out everything related to a certain e-mail address? On which sites it has an account registered and stuff like that? I'm totally new to this. Thanks!!!
- Yeti: Organize observables, indicators of compromise, TTPs, and threats
- Get CrowdSec IOCs feed into MISP
- What are your preferred OSINT tools?
- How to identify zero day phishing URLs
- SpiderFoot 4.0 release - introducing YAML correlation rules
- OSINT Tools
Index
What are some of the best open-source Threatintel projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | spiderfoot | 11,670 |
2 | cowrie | 4,904 |
3 | IntelOwl | 3,103 |
4 | yeti | 1,626 |
5 | harpoon | 1,133 |
6 | ThreatIngestor | 781 |
7 | iocextract | 485 |
8 | PyMISP | 418 |
9 | kestrel-lang | 273 |
10 | threatbus | 254 |
11 | malware-ioc | 196 |
12 | Log4Shell-IOCs | 184 |
13 | MurMurHash | 109 |
14 | MISP-QRadar-Integration | 36 |
15 | MISP-tools | 31 |