Topic: cyber-threat-intelligence Goto Github

👇 Here are 179 public repositories matching this topic...

bushidouk / abused-legitimate-services
cyber-threat-intelligence,Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
User: bushidouk
malware phishing cyber-threat-intelligence cti cybersecurity

bushidouk / exploring-apt-campaigns
cyber-threat-intelligence,Further investigation in to APT campaigns disclosed by private security firms and security agencies
User: bushidouk
threatintel cti cybersecurity cyber-threat-intelligence

center-for-threat-informed-defense / adversary_emulation_library
cyber-threat-intelligence,An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.io/adversary-emulation
ctid cybersecurity threat-informed-defense mitre-attack red-team cyber-threat-intelligence adversary-emulation adversary-emulation-plans

center-for-threat-informed-defense / attack-control-framework-mappings
cyber-threat-intelligence,🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Organization: center-for-threat-informed-defense
Home Page: https://center-for-threat-informed-defense.github.io/mappings-explorer/external/nist/
cti cyber-threat-intelligence mitre-attack cybersecurity nist800-53 security-controls ctid threat-informed-defense risk-management

center-for-threat-informed-defense / attack-flow
cyber-threat-intelligence,Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.io/attack-flow
cybersecurity ctid mitre-attack cyber-threat-intelligence threat-informed-defense

center-for-threat-informed-defense / attack-powered-suit
cyber-threat-intelligence,ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, context menus, and ATT&CK Navigator integration.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.io/attack-powered-suit
ctid cyber-threat-intelligence mitre-attack browser-extension chrome-extension

center-for-threat-informed-defense / attack_to_veris
cyber-threat-intelligence,🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
Organization: center-for-threat-informed-defense
Home Page: https://center-for-threat-informed-defense.github.io/mappings-explorer/external/veris/
cybersecurity ctid mitre-attack cyber-threat-intelligence threat-informed-defense veris

center-for-threat-informed-defense / cloud-analytics
cyber-threat-intelligence,Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.mitre-engenuity.org/our-work/cloud-analytics/
cybersecurity ctid mitre-attack cyber-threat-intelligence analytics cloud cloud-computing cyber-analytics

center-for-threat-informed-defense / cti-blueprints
cyber-threat-intelligence,CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.io/cti-blueprints
ctid cyber-threat-intelligence cybersecurity incident-response malware-analysis mitre-attack threat-actors threat-informed-defense

center-for-threat-informed-defense / insider-threat-ttp-kb
cyber-threat-intelligence,The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.io/insider-threat
cybersecurity ctid mitre-attack cyber-threat-intelligence insider-threat threat-informed-defense

center-for-threat-informed-defense / top-attack-techniques
cyber-threat-intelligence,Top ATT&CK Techniques provides defenders with a systematic approach to prioritizing ATT&CK techniques.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.io/top-attack-techniques
ctid cyber-threat-intelligence cybersecurity mitre-attack

center-for-threat-informed-defense / tram
cyber-threat-intelligence,TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CK®.
Organization: center-for-threat-informed-defense
Home Page: https://ctid.mitre-engenuity.org/our-work/tram/
ctid cyber-threat-intelligence threat-informed-defense mitre-attack cybersecurity

chistadev / chista
cyber-threat-intelligence,Chista | Open Threat Intelligence Framework
Organization: chistadev
cti cyber-threat-intelligence cybersecurity data-leak ioc phishing phishing-detection threat-intelligence

curated-intel / initial-access-broker-landscape
cyber-threat-intelligence,A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
Organization: curated-intel
cyber-threat-intelligence cti ransomware malware darkweb iab initial-access-broker initial-access-brokers initial access

eclecticiq / opentaxii
cyber-threat-intelligence,TAXII server implementation in Python from EclecticIQ
Organization: eclecticiq
taxii stix cti python taxii-server threatintel threat-sharing cyber-threat-intelligence

gonzosint / pywhatcms
cyber-threat-intelligence,Unofficial WhatCMS API package
User: gonzosint
osint cms scanner cyber-threat-intelligence

intelowlproject / greedybear
cyber-threat-intelligence,Threat Intel Platform for T-POTs
Organization: intelowlproject
honeypot threat-intelligence cyber-threat-intelligence threatintel cybersecurity open-source python ioc tpot hacktoberfest

intelowlproject / intelowl
cyber-threat-intelligence,IntelOwl: manage your Threat Intelligence at scale
Organization: intelowlproject
Home Page: https://intelowlproject.github.io
security-tools python threat-intelligence ioc incident-response cyber-threat-intelligence enrichment honeynet osint osint-python

jackaduma / secbert
cyber-threat-intelligence,pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
User: jackaduma
cybersecurity security nlp bert bert-embeddings nlp-machine-learning deeplearning attention transformers transformer-encoder cyber-security security-automation apt machine-learning-security deep-learning-security cyber-threat-intelligence threat-intelligence threat-hunting threat-detection threat-analysis

jackaduma / threatreportextractor
cyber-threat-intelligence,Extracting Attack Behavior from Threat Reports
User: jackaduma
nlp security threat-intelligence threat-analysis cybersecurity cyber-threat-intelligence advanced-persistent-threat deep-learning machine-learning machine-learning-algorithms

mitre-attack / attack-evals
cyber-threat-intelligence,ATT&CK Evaluations website (DEPRECATED)
Organization: mitre-attack
Home Page: https://attackevals.mitre.org
cybersecurity mitre-corporation cyber-threat-intelligence mitre-attack cti

mitre-attack / attack-navigator
cyber-threat-intelligence,Web app that provides basic navigation and annotation of ATT&CK matrices
Organization: mitre-attack
Home Page: https://mitre-attack.github.io/attack-navigator
cti cyber-threat-intelligence mitre-attack mitre-corporation cybersecurity

mitre-attack / attack-scripts
cyber-threat-intelligence,Scripts and a (future) library to improve users' interactions with the ATT&CK content
Organization: mitre-attack
cybersecurity cyber-threat-intelligence mitre-corporation cti mitre-attack python

mitre-attack / attack-stix-data
cyber-threat-intelligence,STIX data representing MITRE ATT&CK
Organization: mitre-attack
Home Page: https://attack.mitre.org/
attack stix cybersecurity mitre-corporation cti cyber-threat-intelligence

mitre-attack / attack-website
cyber-threat-intelligence,MITRE ATT&CK Website
Organization: mitre-attack
Home Page: https://attack.mitre.org
cybersecurity mitre-corporation cyber-threat-intelligence mitre-attack cti

mitre-attack / car
cyber-threat-intelligence,Cyber Analytics Repository
Organization: mitre-attack
cybersecurity mitre-corporation cyber-threat-intelligence cyber-analytics

mitre-attack / mitreattack-python
cyber-threat-intelligence,A python module for working with ATT&CK
Organization: mitre-attack
Home Page: https://mitreattack-python.readthedocs.io/
cybersecurity cyber-threat-intelligence mitre-corporation cti mitre-attack python

mitre / cti
cyber-threat-intelligence,Cyber Threat Intelligence Repository expressed in STIX 2.0
Organization: mitre
stix cti cyber-threat-intelligence attack

mytechnotalent / hacking-windows
cyber-threat-intelligence,A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
User: mytechnotalent
hacking windows assembly assembler cpp cplusplus ida ida-pro idapro reverse-engineering

mytechnotalent / reverse-engineering
cyber-threat-intelligence,A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
User: mytechnotalent
reverse-engineering hacking x86 x64 assembly assembly-language assembly-language-programming cybersecurity arm c-plus-plus

mytechnotalent / zeek-network-security-monitor
cyber-threat-intelligence,A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
User: mytechnotalent
zeek bro network-security cybersecurity cyber-security cyber cyber-threat-intelligence cyber-security-team pcap network-traffic

oasis-open / cti-documentation
cyber-threat-intelligence,OASIS TC Open Repository: GitHub Pages site for STIX and TAXII
Organization: oasis-open
Home Page: https://oasis-open.github.io/cti-documentation/
oasis cti stix stix2 taxii taxii2 json cyber-threat-intelligence

oasis-open / cti-python-stix2
cyber-threat-intelligence,OASIS TC Open Repository: Python APIs for STIX 2
Organization: oasis-open
Home Page: https://stix2.readthedocs.io/
python stix stix2 cyber-threat-intelligence json cti oasis

oasis-open / cti-stix-elevator
cyber-threat-intelligence,OASIS Cyber Threat Intelligence (CTI) TC Open Repository: Convert STIX 1.2 XML to STIX 2.x JSON
Organization: oasis-open
Home Page: https://stix2-elevator.readthedocs.io/en/latest/
python python-script stix stix2 json xml cti cyber-threat-intelligence oasis converter

oasis-open / cti-stix-validator
cyber-threat-intelligence,OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices
Organization: oasis-open
Home Page: https://stix2-validator.readthedocs.io/
python python-script stix stix2 json cti cyber-threat-intelligence oasis validator validation

oasis-open / cti-stix-visualization
cyber-threat-intelligence,OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships
Organization: oasis-open
Home Page: http://oasis-open.github.io/cti-stix-visualization
javascript stix stix2 json cti oasis cyber-threat-intelligence visualization visualizer

oasis-open / cti-stix2-json-schemas
cyber-threat-intelligence,OASIS TC Open Repository: Non-normative schemas and examples for STIX 2
Organization: oasis-open
Home Page: https://github.com/oasis-open/cti-stix2-json-schemas
stix stix2 cti oasis cyber-threat-intelligence antlr json json-schema schemas

oasis-open / cti-taxii-client
cyber-threat-intelligence,OASIS TC Open Repository: TAXII 2 Client Library Written in Python
Organization: oasis-open
Home Page: https://taxii2client.readthedocs.io/
python taxii taxii2 json cti oasis cyber-threat-intelligence client

oasis-open / cti-taxii-server
cyber-threat-intelligence,OASIS TC Open Repository: TAXII 2 Server Library Written in Python
Organization: oasis-open
Home Page: https://medallion.readthedocs.io/
python python-script taxii taxii2 cti oasis cyber-threat-intelligence server

osmankandemir / indicator-intelligence
cyber-threat-intelligence,Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files.
User: osmankandemir
cyber-intelligence malicious-domains malicious-ips malware-research threat-intelligence domains malicious malicious-link cyber-analyst cyber-security

paulveillard / cybersecurity-soar
cyber-threat-intelligence,A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).
User: paulveillard
soar orchestration orchestration-services scalability incident-response incident-management cyber-threat-intelligence security-hardening os-hardening ios-hacking

referefref / modpot
cyber-threat-intelligence,Modular web-application honeypot platform built using go and gin
User: referefref
Home Page: https://jamesbrine.com.au
cti cyber-threat-intelligence golang honeypot

secutils-dev / secutils
cyber-threat-intelligence,Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers
Organization: secutils-dev
Home Page: https://secutils.dev
api developer-tools rust security security-tools open-security certificate-authority certificates dsa ec

sekoia-io / documentation
cyber-threat-intelligence,SEKOIA.IO Documentation - The Intelligence-Driven SaaS SIEM
Organization: sekoia-io
Home Page: https://docs.sekoia.io
cyber-threat-intelligence cybersecurity detect respond saas siem

thehive-project / cortex
cyber-threat-intelligence,Cortex: a Powerful Observable Analysis and Active Response Engine
Organization: thehive-project
Home Page: https://thehive-project.org
response dfir analysis analyzer thehive engine scala python rest api

thehive-project / cortex-analyzers
cyber-threat-intelligence,Cortex Analyzers Repository
Organization: thehive-project
Home Page: https://TheHive-Project.github.io/Cortex-Analyzers/
thehive analyzer cortex free free-software open-source observable ioc json incident-response

traut / stixview
cyber-threat-intelligence,STIX2 graph visualisation library in JS
User: traut
Home Page: https://traut.github.io/stixview/
cti stix stix2 cyber-threat-intelligence graph library security cyber-security

travisbgreen / hunting-rules
cyber-threat-intelligence,Suricata rules for network anomaly detection
User: travisbgreen
Home Page: http://travisgreen.net
suricata-rule suricata ids nsm threat-hunting cybersecurity anomaly-detection cyber-threat-intelligence network-security network-monitoring

vlegoy / rcatt
cyber-threat-intelligence,A python app to predict Att&ck tactics and techniques from cyber threat reports
User: vlegoy
cyber-threat-intelligence attack ttp multi-label-classification

vuldb / cyber_threat_intelligence
cyber-threat-intelligence,Cyber Threat Intelligence Data, Indicators, and Analysis
Organization: vuldb
Home Page: https://vuldb.com/?kb.cti
cyber-threat-intelligence cyber-threats cti ioc indicator-of-compromise malware exploit ioa indicators-of-compromise threat-intelligence