SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 threat-intelligence Open-Source Projects
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Project mention: A recent abrupt change in Internet SSH brute force attacks against us | news.ycombinator.com | 2024-02-24
-
Project mention: GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform | /r/SecOpsDaily | 2023-04-20
-
dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
-
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
-
Project mention: How do you stay on top of new vulnerabilities or CVEs? | /r/cybersecurity | 2023-12-07
How did you find which channels and groups to join? From sources like https://github.com/fastfire/deepdarkCTI ?
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01
> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
-
-
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
If you're looking to learn on your own, try mikeroyal's digital forensics guide on Github. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide
-
-
-
Project mention: How do you deal with phising emails at your company? | /r/cybersecurity | 2023-05-14
-
Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
-
Malware-Exhibit
🚀🚀 This is a 🎇🔥 REAL WORLD🔥 🎇 Malware Collection I have Compiled & analysed by researchers🔥 to understand more about Malware threats😈, analysis and mitigation🧐.
-
-
Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)
-
-
-
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
-
opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
A different solution that runs locally is opensquat.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2024-04-01.
threat-intelligence related posts
- Teler: Real-Time HTTP Intrusion Detection
- How do you stay on top of new vulnerabilities or CVEs?
- Have I Been Squatted?
- OpenSquat
- How to integrate openCTI with Splunk?
- Lists
- GitHub - OpenCTI-Platform/opencti: Open Cyber Threat Intelligence Platform
-
A note from our sponsor - SaaSHub
www.saashub.com | 18 Apr 2024
Index
What are some of the best open-source threat-intelligence projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | spiderfoot | 11,670 |
| 2 | awesome-malware-analysis | 11,026 |
| 3 | MISP | 4,962 |
| 4 | opencti | 4,579 |
| 5 | dnstwist | 4,508 |
| 6 | awesome-devsecops | 4,369 |
| 7 | deepdarkCTI | 3,672 |
| 8 | IntelOwl | 3,096 |
| 9 | signature-base | 2,320 |
| 10 | SysmonTools | 1,442 |
| 11 | Digital-Forensics-Guide | 1,331 |
| 12 | mitaka | 1,306 |
| 13 | harpoon | 1,133 |
| 14 | ThePhish | 1,005 |
| 15 | Ukraine-Cyber-Operations | 908 |
| 16 | Malware-Exhibit | 898 |
| 17 | mihari | 818 |
| 18 | Watcher | 794 |
| 19 | CyberThreatHunting | 788 |
| 20 | ThreatIngestor | 778 |
| 21 | sysmon-config | 747 |
| 22 | opensquat | 648 |
| 23 | PatrowlManager | 609 |
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com