The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 15 Python Threatintel Projects
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
-
threatbus
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
-
malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)
-
-
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
-
MISP-QRadar-Integration
The Project can be used to integrate QRadar with MISP Threat Sharing Platform
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Brute.Fail Watch brute force attacks in real time | news.ycombinator.com | 2023-06-02Thanks for the reference; after some link chasing I was able to end up on the project I believe you're thinking of: https://github.com/cowrie/cowrie#features (appears to be BSD-3-Clause: https://github.com/cowrie/cowrie/blob/master/LICENSE.rst )
Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Python Threatintel related posts
- Hey. How does one find out everything related to a certain e-mail adress? on which sites it has an account registered and stuff like that? im totally new to this. thanks!!!
- Yeti: Organize observables, indicators of compromise, TTPs, and threats
- Get CrowdSec IOCs feed into MISP
- What are your preferred OSINT tools?
- How to Iidentify zero day phishing URLs
- SpiderFoot 4.0 release - introducing YAML correlation rules
- OSINT Tools
-
A note from our sponsor - WorkOS
workos.com | 22 Apr 2024
Index
What are some of the best open-source Threatintel projects in Python? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | spiderfoot | 11,670 |
| 2 | cowrie | 4,904 |
| 3 | IntelOwl | 3,103 |
| 4 | yeti | 1,626 |
| 5 | harpoon | 1,133 |
| 6 | ThreatIngestor | 781 |
| 7 | iocextract | 485 |
| 8 | PyMISP | 418 |
| 9 | kestrel-lang | 273 |
| 10 | threatbus | 254 |
| 11 | malware-ioc | 196 |
| 12 | Log4Shell-IOCs | 184 |
| 13 | MurMurHash | 109 |
| 14 | MISP-QRadar-Integration | 36 |
| 15 | MISP-tools | 31 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com