Top 23 misp Open-Source Projects

MISP

28 4,969 9.9 PHP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Project mention: A recent abrupt change in Internet SSH brute force attacks against us | news.ycombinator.com | 2024-02-24

TheHive

24 3,166 0.0 Scala

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Project mention: What are your go-to tools for task management and/or case work? | /r/cybersecurity | 2023-12-09

I had a quick test with the hive looks pretty nice. https://thehive-project.org/

InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
malware-ioc

6 1,502 7.1 YARA

Indicators of Compromises (IOC) of our various investigations
ThePhish

17 1,005 0.0 Python

ThePhish: an automated phishing email analysis tool

Project mention: How do you deal with phising emails at your company? | /r/cybersecurity | 2023-05-14

Watcher

3 794 3.4 Python

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
ThreatIngestor

1 778 7.6 Python

Extract and aggregate threat intelligence.
misp-galaxy

3 480 9.8 Python

Clusters and elements to attach to MISP events or attributes (like threat actors)

Project mention: Foreign Travel Risks | /r/cybersecurity | 2023-04-26

MISP Threat Actor Galaxy

WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
misp-warninglists

3 474 8.3 Python

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Project mention: Lists | news.ycombinator.com | 2023-04-27

PyMISP

3 417 9.2 Python

Python library using the MISP Rest API

Project mention: FLaNK Stack Weekly for 13 November 2023 | dev.to | 2023-11-13

S1EM

1 385 7.2 Shell

This project is a SIEM with SIRP and Threat Intel, all in one.

Project mention: Homelab Cybersecurity Idea | /r/homelab | 2023-04-28

Also have an instance of S1EM - https://github.com/V1D1AN/S1EM - running, monitoring my home LAN, firewall etc. It's huge overkill, and your machine may struggle to run it if you ran anything else with it, but might be worth looking at.

misp-modules

1 324 9.1 Python

Modules for expansion services, enrichment, import and export in MISP and other tools. (by MISP)
connectors

2 319 9.9 Python

OpenCTI Connectors (by OpenCTI-Platform)

Project mention: How to integrate openCTI with Splunk? | /r/threatintel | 2023-07-12

Connector on GitHub - https://github.com/OpenCTI-Platform/connectors/tree/master/stream/splunk

threatbus

4 254 0.0 Python

🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
docker-misp

1 226 5.8 Shell

A (nearly) production ready Dockered MISP
awesome-lists

1 199 9.7 PowerShell

Security lists for SOC detections (by mthcht)

Project mention: List of suspicious ports | /r/cybersecurity | 2023-05-22

MISP-maltego

3 165 0.0 Python

Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
misp-docker

1 77 8.2 Shell

A production ready Dockered MISP
misp-cloud

1 68 2.6 Shell

misp-cloud - Cloud-ready images of MISP
misp-wireshark

1 42 0.0 Lua

Lua plugin to extract data from Wireshark and convert it into MISP format
MISP-QRadar-Integration

2 36 0.0 Python

The Project can be used to integrate QRadar with MISP Threat Sharing Platform
MISP-tools

2 31 6.4 Python

Import CrowdStrike Threat Intelligence into your instance of MISP
Go-MISPFeedGenerator

6 16 0.0 Go

Golang implementation of PyMISP-feedgenerator
MISP2Sentinel

2 6 4.4 Python

A Python integration that fetches Threat Intelligence from MISP and publishes it to Microsoft Sentinel SIEM.
SaaSHub

www.saashub.com sponsored

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-02-24.

misp related posts

A recent abrupt change in Internet SSH brute force attacks against us
1 project | news.ycombinator.com | 24 Feb 2024
What are your go-to tools for task management and/or case work?
1 project | /r/cybersecurity | 9 Dec 2023
Taking Notes: What are your techniques as security professionals?
1 project | /r/cybersecurity | 6 Dec 2023
Free Tech Tools and Resources - Terraform for AWS, Cyberthreat Tool, Vim Training & More
2 projects | /r/SysAdminBlogs | 16 Aug 2023
Free Tech Tools and Resources - Connection Tracing, Throttling Tool, Log Search & More
2 projects | /r/SysAdminBlogs | 9 Aug 2023
How to integrate openCTI with Splunk?
1 project | /r/threatintel | 12 Jul 2023
Lists
1 project | news.ycombinator.com | 27 Apr 2023
A note from our sponsor - SaaSHub
www.saashub.com | 20 Apr 2024

SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source misp projects? This list will help you:

	Project	Stars
1	MISP	4,969
2	TheHive	3,166
3	malware-ioc	1,502
4	ThePhish	1,005
5	Watcher	794
6	ThreatIngestor	778
7	misp-galaxy	480
8	misp-warninglists	474
9	PyMISP	417
10	S1EM	385
11	misp-modules	324
12	connectors	319
13	threatbus	254
14	docker-misp	226
15	awesome-lists	199
16	MISP-maltego	165
17	misp-docker	77
18	misp-cloud	68
19	misp-wireshark	42
20	MISP-QRadar-Integration	36
21	MISP-tools	31
22	Go-MISPFeedGenerator	16
23	MISP2Sentinel	6