Top 23 threat-intelligence Open-Source Projects

1. spiderfoot

   1 21 13,911 0.0 Python

   SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

   

   Project mention: SpiderFoot automates OSINT for threat intelligence | news.ycombinator.com | 2024-07-03

   Some would disagree with that statement: <https://github.com/smicallef/spiderfoot/issues>

     The little development on the project is probably due to it's age.

2. CodeRabbit

   coderabbit.ai featured

   CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

   

3. awesome-malware-analysis

   2 8 12,360 3.3

   Defund the Police.

   

4. opencti

   3 9 7,059 9.9 TypeScript

   Open Cyber Threat Intelligence Platform

   

5. MISP

   4 30 5,573 9.9 PHP

   MISP (core software) - Open Source Threat Intelligence and Sharing Platform

   

   Project mention: Cradle – Open-Source Collaborative Threat Intelligence Hub | news.ycombinator.com | 2025-03-15

6. dnstwist

   5 23 5,055 6.2 Python

   Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

   

7. deepdarkCTI

   6 5 4,887 9.6

   Collection of Cyber Threat Intelligence sources from the deep and dark web

   

8. awesome-devsecops

   7 4 4,775 0.0

   An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

   

9. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

10. IntelOwl

    8 13 4,049 9.7 Python

    IntelOwl: manage your Threat Intelligence at scale

    

11. signature-base

    9 12 2,569 8.8 YARA

    YARA signature and IOC database for my scanners and tools

    

    Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01

    > It doesn't matter.

    To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.

    > A way to check if servers are vulnerable is probably by querying the package manager

    Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.

    https://github.com/Neo23x0/signature-base/blob/master/yara/b...

    > Not very sophisticated, but it'll work.

    Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.

12. Digital-Forensics-Guide

    10 6 1,701 6.4 Python

    Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

13. mitaka

    11 1 1,539 8.0 TypeScript

    A browser extension for OSINT search

    

14. SysmonTools

    12 2 1,507 2.6

    Utilities for Sysmon

    

15. harpoon

    13 2 1,199 3.7 Python

    CLI tool for open source and threat intelligence (by Te-k)

    

16. ThePhish

    14 17 1,196 4.6 Python

    ThePhish: an automated phishing email analysis tool

    

17. Malware-Exhibit

    15 2 1,019 9.8 Assembly

    🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.

18. Ukraine-Cyber-Operations

    16 10 915 3.4 YARA

    Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.

    

19. Watcher

    17 3 894 8.8 Python

    Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)

    

20. mihari

    18 3 880 7.9 Ruby

    A query aggregator for OSINT based threat hunting

    

21. CyberThreatHunting

    19 1 878 3.8 Python

    A collection of resources for Threat Hunters

    

22. ThreatIngestor

    20 1 841 7.6 Python

    Extract and aggregate threat intelligence.

    

23. sysmon-config

    21 1 789 7.2 PowerShell

    Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)

    

24. opensquat

    22 5 767 3.6 Python

    The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

    

25. PatrowlManager

    23 1 630 0.0 HTML

    PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

threat-intelligence related posts

• Cradle – Collaborative Threat Intelligence Hub

  1 project | news.ycombinator.com | 18 Mar 2025

• Teler: Real-Time HTTP Intrusion Detection

  2 projects | news.ycombinator.com | 20 Mar 2024

• How do you stay on top of new vulnerabilities or CVEs?

  2 projects | /r/cybersecurity | 7 Dec 2023

• Have I Been Squatted?

  3 projects | news.ycombinator.com | 27 Nov 2023

• OpenSquat

  1 project | news.ycombinator.com | 15 Jul 2023

• How to integrate openCTI with Splunk?

  1 project | /r/threatintel | 12 Jul 2023

• Lists

  1 project | news.ycombinator.com | 27 Apr 2023
• A note from our sponsor - CodeRabbit
  coderabbit.ai | 19 Mar 2025

  Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR. Learn more →

Index

Sponsored

CodeRabbit: AI Code Reviews for Developers

Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

coderabbit.ai