Top 11 threat-sharing Open-Source Projects

awesome-malware-analysis

8 11,057 0.0

Defund the Police.
MISP

28 4,986 9.9 PHP

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Project mention: A recent abrupt change in Internet SSH brute force attacks against us | news.ycombinator.com | 2024-02-24

InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
cowrie

15 4,909 9.3 Python

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

Project mention: Brute.Fail Watch brute force attacks in real time | news.ycombinator.com | 2023-06-02

Thanks for the reference; after some link chasing I was able to end up on the project I believe you're thinking of: https://github.com/cowrie/cowrie#features (appears to be BSD-3-Clause: https://github.com/cowrie/cowrie/blob/master/LICENSE.rst )

yeti

2 1,626 9.7 Python

Your Everyday Threat Intelligence
ThreatIngestor

1 781 7.6 Python

Extract and aggregate threat intelligence.
sysmon-config

1 749 7.2 PowerShell

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (by ion-storm)
iocextract

1 485 5.4 Python

Defanged Indicator of Compromise (IOC) Extractor.
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
PyMISP

3 418 9.2 Python

Python library using the MISP Rest API

Project mention: FLaNK Stack Weekly for 13 November 2023 | dev.to | 2023-11-13

docker-misp

1 226 5.8 Shell

A (nearly) production ready Dockered MISP
MISP-QRadar-Integration

2 36 0.0 Python

The Project can be used to integrate QRadar with MISP Threat Sharing Platform
Go-MISPFeedGenerator

6 16 0.0 Go

Golang implementation of PyMISP-feedgenerator

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

threat-sharing related posts

A recent abrupt change in Internet SSH brute force attacks against us
1 project | news.ycombinator.com | 24 Feb 2024
Free Tech Tools and Resources - Terraform for AWS, Cyberthreat Tool, Vim Training & More
2 projects | /r/SysAdminBlogs | 16 Aug 2023
Top OpenSource/Free Cybersecurity Tools
2 projects | /r/cybersecurity | 11 Apr 2023
Threat intelligence IOC enrichments?
1 project | /r/cybersecurity | 1 Feb 2023
MISP at scale on Kubernetes
10 projects | dev.to | 17 Nov 2022
Yeti: Organize observables, indicators of compromise, TTPs, and threats
1 project | news.ycombinator.com | 17 Oct 2022
Have you ever tried to create your own module by following the guide in the github repo "misp-modules"?
1 project | /r/MISP | 16 Oct 2022
A note from our sponsor - SaaSHub
www.saashub.com | 26 Apr 2024

SaaSHub helps you find the best software and product alternatives Learn more →

Index

What are some of the best open-source threat-sharing projects? This list will help you:

	Project	Stars
1	awesome-malware-analysis	11,057
2	MISP	4,986
3	cowrie	4,909
4	yeti	1,626
5	ThreatIngestor	781
6	sysmon-config	749
7	iocextract	485
8	PyMISP	418
9	docker-misp	226
10	MISP-QRadar-Integration	36
11	Go-MISPFeedGenerator	16