Top 20 misp Open-Source Projects

  • MISP

    MISP (core software) - Open Source Threat Intelligence and Sharing Platform

    Project mention: Threat intelligence IOC enrichments? | reddit.com/r/cybersecurity | 2023-02-01
  • TheHive

    TheHive: a Scalable, Open Source and Free Security Incident Response Platform

    Project mention: Software for recording security incidents? | reddit.com/r/cybersecurity | 2023-01-09

    i recommend TheHive for creating incident tickets. it is opensource but there is paid one offered by StrangeBee

  • InfluxDB

    Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises.

  • malware-ioc

    Indicators of Compromises (IOC) of our various investigations

    Project mention: What are your go-to websites to read cybersecurity news in 2023? | reddit.com/r/cybersecurity | 2023-01-14


  • ThePhish

    ThePhish: an automated phishing email analysis tool

    Project mention: security alerts management | reddit.com/r/msp | 2022-09-15
  • Watcher

    Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)

  • ThreatIngestor

    Extract and aggregate threat intelligence.

    Project mention: Building a Threat Intelligence Feed using the Twitter API and a bit of code | reddit.com/r/netsec | 2022-05-28
  • misp-galaxy

    Clusters and elements to attach to MISP events or attributes (like threat actors)

    Project mention: Profiling and Tracking Threat Actors | reddit.com/r/OSINT | 2022-09-13

    MISP threat actors galaxy may be of interest: https://github.com/MISP/misp-galaxy

  • Sonar

    Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.

  • TheHiveDocs

    Documentation of TheHive

  • misp-warninglists

    Warning lists to inform users of MISP about potential false-positives or other information in indicators

    Project mention: Does anyone know what cdn4image.com is? I’ve searched but can’t find anything relevant to why it’s always showing up in my logs. | reddit.com/r/nextdns | 2023-01-09

    MSP Threat Intelligence list

  • PyMISP

    Python library using the MISP Rest API

    Project mention: Get CrowdSec IOCs feed into MISP | reddit.com/r/CrowdSec | 2022-09-24

    You might consider misp feed https://github.com/MISP/PyMISP/tree/main/examples/feed-generator, basically it’s the best way to collect IOCs and import them into a MISP instance. These feeds help to correlate IOCs without manually launching the MISP module every time for each IOC, this also reduce the workload on your API servers as the list is cached locally on the MISP and updated every day.

  • misp-modules

    Modules for expansion services, import and export in MISP (by MISP)

    Project mention: Showdan and MISP | reddit.com/r/MISP | 2022-10-18
  • misp-docker

    MISP Docker (XME edition)

    Project mention: MISP at scale on Kubernetes | dev.to | 2022-11-17

    The official MISP project is providing a containerized version of the MISP where all elements except the SQL database are included in a single container.

  • threatbus

    🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

  • docker-misp

    A (nearly) production ready Dockered MISP

    Project mention: MISP at scale on Kubernetes | dev.to | 2022-11-17

    The project MISP-Docker from Coolacid is providing a containerized version of the MISP solution. This all-in-one solution includes the frontend, background jobs, cronjobs and an HTTP Server (Nginx) all orchestrated by process manager tool called supervisor. External services such as the database and Redis aren’t part of the container but are necessary. We decided that this project is very a good starting point to scale the MISP on Kubernetes.

  • MISP-maltego

    Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.

    Project mention: I'm having trouble installing MISP-maltego on Linux. | reddit.com/r/MISP | 2022-09-29

    I can't install MISP-maltego (Local Trasform Installation): https://github.com/MISP/misp-maltego

  • misp-cloud

    misp-cloud - Cloud-ready images of MISP

    Project mention: MISP at scale on Kubernetes | dev.to | 2022-11-17

    The project misp-cloud is providing ready to use AWS AMI containing the MISP platform as well as all other external component on the same image. They may provide images for Azure and DigitalOcean in the future.

  • MISP-QRadar-Integration

    The Project can be used to integrate QRadar with MISP Threat Sharing Platform

  • misp-wireshark

    Lua plugin to extract data from Wireshark and convert it into MISP format

    Project mention: Lua plugin to extract data from Wireshark and convert it into MISP format | news.ycombinator.com | 2022-02-20
  • Go-MISPFeedGenerator

    Golang implementation of PyMISP-feedgenerator

  • MISP-tools

    Import CrowdStrike Threat Intelligence into your instance of MISP

    Project mention: Ingesting IOCs in to CS from MISP | reddit.com/r/crowdstrike | 2022-05-13

    I'd start with intel_client.py (most CS interactions happen here) and indicators.py (the logic for the handling of indicators, a lot of this is PyMISP-specific but it will help you identify data elements you want to bring over).

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-02-01.

misp related posts


What are some of the best open-source misp projects? This list will help you:

Project Stars
1 MISP 4,193
2 TheHive 2,803
3 malware-ioc 1,302
4 ThePhish 717
5 Watcher 683
6 ThreatIngestor 636
7 misp-galaxy 389
8 TheHiveDocs 385
9 misp-warninglists 365
10 PyMISP 342
11 misp-modules 267
12 misp-docker 243
13 threatbus 237
14 docker-misp 190
15 MISP-maltego 148
16 misp-cloud 61
17 MISP-QRadar-Integration 26
18 misp-wireshark 21
19 Go-MISPFeedGenerator 16
20 MISP-tools 13
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives