Top 23 threat-intelligence Open-Source Projects
-
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
-
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
-
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
-
Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
-
Malware-Exhibit
🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.
-
Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
-
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
-
opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
Project mention: A recent abrupt change in Internet SSH brute force attacks against us | news.ycombinator.com | 2024-02-24
Project mention: How do you stay on top of new vulnerabilities or CVEs? | /r/cybersecurity | 2023-12-07
How did you find which channels and groups to join? From sources like https://github.com/fastfire/deepdarkCTI ?
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01
> It doesn't matter.
To understand the exact behavior and extent of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been known since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed servers and appliances - being able, as a customer or pen tester, to rule out a certain class of security issues without having the source/insights available is usually desirable.
If you're looking to learn on your own, try mikeroyal's digital forensics guide on GitHub. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
Project mention: How do you deal with phising emails at your company? | /r/cybersecurity | 2023-05-14
A different solution that runs locally is opensquat.
https://github.com/atenreiro/opensquat
threat-intelligence related posts
- Teler: Real-Time HTTP Intrusion Detection
- How do you stay on top of new vulnerabilities or CVEs?
- Have I Been Squatted?
- OpenSquat
- How to integrate openCTI with Splunk?
- Lists
- GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform
Index
What are some of the best open-source threat-intelligence projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | spiderfoot | 11,723 |
2 | awesome-malware-analysis | 11,057 |
3 | MISP | 4,986 |
4 | opencti | 4,617 |
5 | dnstwist | 4,535 |
6 | awesome-devsecops | 4,383 |
7 | deepdarkCTI | 3,723 |
8 | IntelOwl | 3,103 |
9 | signature-base | 2,329 |
10 | SysmonTools | 1,445 |
11 | Digital-Forensics-Guide | 1,335 |
12 | mitaka | 1,313 |
13 | harpoon | 1,133 |
14 | ThePhish | 1,005 |
15 | Ukraine-Cyber-Operations | 908 |
16 | Malware-Exhibit | 900 |
17 | mihari | 821 |
18 | Watcher | 795 |
19 | CyberThreatHunting | 792 |
20 | ThreatIngestor | 781 |
21 | sysmon-config | 749 |
22 | opensquat | 648 |
23 | PatrowlManager | 609 |