Top 23 threat-intelligence Open-Source Projects
-
Project mention: Windows found a trojan called "ravadon.e". Is this a false alarm or what? I can't find anything about it offline except a site that just copy and pastes the trojan name into its text. | reddit.com/r/antivirus | 2022-08-15
-
the most complete and best at present https://www.spiderfoot.net
-
Yes but … the frontend/ui is still trying to check the health of each process by checking in /proc/{PID} like in previous and shows that the process maybe start but it couldn’t check if it’s alive or not. An issue was created and we’re waiting for the patch to be integrated in a future version.
-
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Project mention: God damn. In situations like this how can I detect the fake one? This is truly scary. | reddit.com/r/Bitwarden | 2023-01-25
Pi-hole (with every reasonable blocklist I can find) protects me from many of these domains. NextDNS would be another option for DNS-based blocking for people who don't want to administer it themselves. I also plan to use DNSTwist to generate additional blocklists for typo-based phishing that I can plug into the Pi-hole for important sites.
-
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
DevSecOps
-
An image - OpenCTI IOC Visualisation The system - OpenCTI Github
-
Allowed bulk analysis of files as well as observables, leading to a more efficient workflow for IntelOwl users. #1032
-
Project mention: GitHub - kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality with teler IDS to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications. | reddit.com/r/golang | 2023-01-01
You can try teler tho :) - https://github.com/kitabisa/teler
-
Project mention: Security Cadence: Sysmon (Logging Part 2 out of ?????) | reddit.com/r/sysadmin | 2022-05-16
-
Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
-
Project mention: Any good threat hunting resources? Looking for query libraries. | reddit.com/r/computerforensics | 2022-04-08
-
Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
-
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
Project mention: sysmon-config: Advanced Sysmon ATT&CK configuration, Installer & Auto Updater with high-quality event tracing | reddit.com/r/blueteamsec | 2022-09-12
-
Project mention: Building a Threat Intelligence Feed using the Twitter API and a bit of code | reddit.com/r/netsec | 2022-05-28
-
opensquat
The openSquat project is an open-source solution for detecting phishing domains and domain squatting. It searches for newly registered domains that impersonate legitimate domains on a daily basis. This project aims to help protect individuals and organizations from cyber threats by identifying and alerting them to potentially malicious domains.
threat-intelligence related posts
- Does anyone know what cdn4image.com is? I’ve searched but can’t find anything relevant to why it’s always showing up in my logs.
- cli google search client written by chatgpt ai - bypasses captcha and rate limiting
- kitabisa/teler release v2.0.0-dev
- How to find a similar looking domains
- Enhance your malware detection with WAF + YARA (WAFARAY)
- Have I Been Squatted – free DNS typosquatting platform
Index
What are some of the best open-source threat-intelligence projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | awesome-malware-analysis | 9,436 |
2 | spiderfoot | 9,049 |
3 | MISP | 4,184 |
4 | dnstwist | 3,695 |
5 | awesome-devsecops | 3,529 |
6 | opencti | 3,258 |
7 | IntelOwl | 2,541 |
8 | teler | 2,176 |
9 | signature-base | 1,858 |
10 | deepdarkCTI | 1,529 |
11 | SysmonTools | 1,322 |
12 | harpoon | 1,022 |
13 | mitaka | 962 |
14 | Ukraine-Cyber-Operations | 856 |
15 | ThePhish | 712 |
16 | CyberThreatHunting | 690 |
17 | Watcher | 681 |
18 | mihari | 659 |
19 | sysmon-config | 656 |
20 | ThreatIngestor | 632 |
21 | PatrowlManager | 529 |
22 | opensquat | 417 |
23 | Scrummage | 413 |