Top 12 threat-analysis Open-Source Projects

MISP

28 5,008 9.9 PHP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Project mention: A recent abrupt change in Internet SSH brute force attacks against us | news.ycombinator.com | 2024-02-24

cowrie

15 4,920 9.3 Python

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

Project mention: Brute.Fail Watch brute force attacks in real time | news.ycombinator.com | 2023-06-02

Thanks for the reference; after some link chasing I was able to end up on the project I believe you're thinking of: https://github.com/cowrie/cowrie#features (appears to be BSD-3-Clause: https://github.com/cowrie/cowrie/blob/master/LICENSE.rst )

InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
ThreatMapper

32 4,637 9.9 TypeScript

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Project mention: ThreatMapper: Open-source cloud native security observability platform | news.ycombinator.com | 2023-09-10

Qu1cksc0pe

1 1,122 8.0 YARA

All-in-One malware analysis tool.
ThreatIngestor

1 786 7.6 Python

Extract and aggregate threat intelligence.
sysmon-config

1 751 7.2 PowerShell

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
Threat_Model_Examples

1 335 10.0

Collection of Threat Models
SaaSHub

www.saashub.com featured

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
SOC-Multitool

8 308 5.5 JavaScript

A powerful and user-friendly browser extension that streamlines investigations for security professionals.
packages

1 16 3.0

Automated compromise detection of the world's most popular packages (by trickest)
heimdall-framework

1 11 0.0 Python

USB threat evaluation framework for Linux
DetectXDiscord

1 5 5.5 Python

This Discord bot is designed to provide file scanning functionality using the VirusTotal API to check for viruses and other malware in attachments uploaded to a Discord channel.
AMAYARA-Lab

1 1 0.0 Jupyter Notebook

The アマヤラ Lab project provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

threat-analysis related posts

ThreatMapper: Open-source cloud native security observability platform

1 project | news.ycombinator.com | 10 Sep 2023
OSS Security - Deepfence Threat Mapper

1 project | /r/selfhosters | 17 Jun 2023
Detecting Threats on 100k Servers, 1000s of Cloud Accounts, 2500 K8s Clusters

1 project | news.ycombinator.com | 5 Jun 2023
ThreatMapper – open-source cloud native security observability platform

1 project | news.ycombinator.com | 5 Oct 2022
Looking for infrastructure monitoring solutions.

1 project | /r/homelab | 9 Aug 2022
A note from our sponsor - SaaSHub
www.saashub.com | 11 May 2024

SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source threat-analysis projects? This list will help you:

	Project	Stars
1	MISP	5,008
2	cowrie	4,920
3	ThreatMapper	4,637
4	Qu1cksc0pe	1,122
5	ThreatIngestor	786
6	sysmon-config	751
7	Threat_Model_Examples	335
8	SOC-Multitool	308
9	packages	16
10	heimdall-framework	11
11	DetectXDiscord	5
12	AMAYARA-Lab	1