Open-source projects categorized as threat-intelligence

Top 23 threat-intelligence Open-Source Projects

  • awesome-malware-analysis

    Defund the Police.

    Project mention: Windows found a trojan called "ravadon.e". Is this a false alarm or what? I can't find anything about it offline except a site that just copy and pastes the trojan name into it's text. | | 2022-08-15
  • spiderfoot

    SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

    Project mention: What are your preferred OSINT tools? | | 2022-07-04

    the most complete and best at present

  • Sonar

    Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.

  • MISP

    MISP (core software) - Open Source Threat Intelligence and Sharing Platform

    Project mention: MISP at scale on Kubernetes | | 2022-11-17

    Yes but … the frontend/ui is still trying to check the health of each process by checking in /proc/{PID} like in previous and shows that the process maybe start but it couldn’t check if it’s alive or not. An issue was created and we’re waiting for the patch to be integrated in a future version.

  • dnstwist

    Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

    Project mention: God damn. In situations like this how can I detect the fake one? This is truly scary. | | 2023-01-25

    Pi-hole (with every reasonable blocklist I can find) protects me from many of these domains. NextDNS would be another option for DNS-based blocking for people who don't want to administer it themselves. I also plan to use DNSTwist to generate additional blocklists for typo-based phishing that I can plug into the Pi-hole for important sites.

  • awesome-devsecops

    An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

    Project mention: Cybersecurity Repositories | | 2022-05-31


  • opencti

    Open Cyber Threat Intelligence Platform

    Project mention: Threat analysis visualization? | | 2022-08-02

    An image - OpenCTI IOC Visualisation The system - OpenCTI Github

  • IntelOwl

    Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

    Project mention: To GSoC and beyond... | | 2022-09-26

    Allowed bulk analysis of files as well as observables, leading to a more efficient workflow for IntelOwl users. #1032

  • InfluxDB

    Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Platform where developers build real-time applications for analytics, IoT and cloud-native services. Easy to start, it is available in the cloud or on-premises.

  • teler

    Real-time HTTP Intrusion Detection

    Project mention: GitHub - kitabisa/teler-waf: teler-waf is a Go HTTP middleware that provide teler IDS functionality with teler IDS to protect against web-based attacks and improve the security of Go-based web applications. It is highly configurable and easy to integrate into existing Go applications. | | 2023-01-01

    You can try teler tho :) -

  • signature-base

    YARA signature and IOC database for my scanners and tools

    Project mention: OneNote Yara rule | | 2023-01-27
  • deepdarkCTI

    Collection of Cyber Threat Intelligence sources from the deep and dark web

    Project mention: Leaks! how to organize them? | | 2022-05-02
  • SysmonTools

    Utilities for Sysmon

    Project mention: Security Cadence: Sysmon (Logging Part 2 out of ?????) | | 2022-05-16
  • harpoon

    CLI tool for open source and threat intelligence (by Te-k)

  • mitaka

    A browser extension for OSINT search

  • Ukraine-Cyber-Operations

    Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.

    Project mention: Russia-Ukraine Cyberwar 2022 | | 2022-03-28
  • ThePhish

    ThePhish: an automated phishing email analysis tool

    Project mention: security alerts management | | 2022-09-15
  • CyberThreatHunting

    A collection of resources for Threat Hunters - Sponsored by Falcon Guard

    Project mention: Any good threat hunting resources? Looking for query libraries. | | 2022-04-08
  • Watcher

    Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)

  • mihari

    A tool for OSINT based threat hunting

  • sysmon-config

    Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)

    Project mention: sysmon-config: Advanced Sysmon ATT&CK configuration, Installer & Auto Updater with high-quality event tracing | | 2022-09-12
  • ThreatIngestor

    Extract and aggregate threat intelligence.

    Project mention: Building a Threat Intelligence Feed using the Twitter API and a bit of code | | 2022-05-28
  • PatrowlManager

    PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

  • opensquat

    The openSquat project is an open-source solution for detecting phishing domains and domain squatting. It searches for newly registered domains that impersonate legitimate domains on a daily basis. This project aims to help protect individuals and organizations from cyber threats by identifying and alerting them to potentially malicious domains.

    Project mention: How to find a similar looking domains | | 2022-10-08
  • Scrummage

    The Ultimate OSINT and Threat Hunting Framework

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-01-27.

threat-intelligence related posts


What are some of the best open-source threat-intelligence projects? This list will help you:

Project Stars
1 awesome-malware-analysis 9,436
2 spiderfoot 9,049
3 MISP 4,184
4 dnstwist 3,695
5 awesome-devsecops 3,529
6 opencti 3,258
7 IntelOwl 2,541
8 teler 2,176
9 signature-base 1,858
10 deepdarkCTI 1,529
11 SysmonTools 1,322
12 harpoon 1,022
13 mitaka 962
14 Ukraine-Cyber-Operations 856
15 ThePhish 712
16 CyberThreatHunting 690
17 Watcher 681
18 mihari 659
19 sysmon-config 656
20 ThreatIngestor 632
21 PatrowlManager 529
22 opensquat 417
23 Scrummage 413
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives