Loading...
EclecticIQ Intelligence Center is a commercial Threat Intelligence Platforms tool developed by EclecticIQ. Security professionals most commonly compare it with . All 360 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to EclecticIQ Intelligence Center, including their key features and shared capabilities.
Web data platform providing open, deep & dark web APIs and monitoring.
Free breach monitoring platform for compromised credential detection & alerting.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Cybersecurity market intelligence platform for tracking competitors & funding
Enterprise threat intelligence platform with APAC focus and adversary tracking
Shares 4 capabilities with EclecticIQ Intelligence Center: MITRE Attack, IOC, STIX, Cyber Threat Intelligence
Enterprise threat intelligence platform for proactive threat detection
Shares 4 capabilities with EclecticIQ Intelligence Center: MITRE Attack, IOC, STIX, Cyber Threat Intelligence
Behavior-based threat intel feed delivering malware IOCs with context
Shares 4 capabilities with EclecticIQ Intelligence Center: MITRE Attack, IOC, STIX, Cyber Threat Intelligence
Converts unstructured OSINT & darknet signals into structured STIX 2.1 threat intelligence
Shares 4 capabilities with EclecticIQ Intelligence Center: MITRE Attack, IOC, STIX, Cyber Threat Intelligence
Web data platform providing open, deep & dark web APIs and monitoring.
Free breach monitoring platform for compromised credential detection & alerting.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Cybersecurity market intelligence platform for tracking competitors & funding
Enterprise threat intelligence platform with APAC focus and adversary tracking
Enterprise threat intelligence platform for proactive threat detection
Behavior-based threat intel feed delivering malware IOCs with context
Converts unstructured OSINT & darknet signals into structured STIX 2.1 threat intelligence
SOC Radar Cyber Threat Intelligence is a comprehensive platform that provides dark web monitoring, vulnerability intelligence, and threat actor analysis to help organizations proactively defend against cyber threats.
Enterprise threat intelligence feeds covering malware, phishing, C2, and IPs
Threat intelligence platform aggregating global threat data for detection
Automates distribution of threat intel across security infrastructure
Managed CTI platform with sector-specific threat reports and exposure monitoring.
AI-powered platform for collecting and analyzing open source threat intelligence
Technical threat intel feed of compromised IPs/domains from cybercrime sources
Threat intelligence database with 500M+ malicious IPs, domains, and IOCs via API
Threat intelligence platform providing global threat visibility and IoCs
MCP server connecting LLMs to live threat intelligence via natural language
Real-time threat intelligence platform with STIX/TAXII compliance
Mobile threat intelligence service providing threat data, research, and DFIR
Open-source threat intelligence platform for organizing and operationalizing CTI
AI-driven threat intelligence platform for threat detection and response
Threat intelligence platform providing strategic & tactical threat analysis
Global threat intelligence platform aggregating CTI sources with AI analysis
AI-powered cyber threat intelligence platform for IoC detection and analysis
XTM portfolio for threat intel, attack surface visibility & adversary simulation
Threat intelligence feeds providing malware and threat data in multiple formats
Automotive-specific threat intelligence platform for mobility ecosystem
OT/IoT threat intelligence feed for vulnerability and malware detection
AI-powered external threat intelligence platform for threat detection
Analyzes phishing kits to extract IOCs, attacker infrastructure & tactics
Zero-day threat intelligence platform with adversary monitoring & simulation
Cyber threat intelligence platform with adversary tracking capabilities
Threat intelligence platform combining Google, Mandiant, and VirusTotal data
Cyber threat intelligence platform for monitoring threats, TTPs, and IOCs
Infrastructure intelligence platform for threat hunting and investigation
Real-time C2 infrastructure detection and disruption threat intelligence feed
Real-time threat intelligence platform for external threat visibility and IoC analysis
Cyber threat intelligence platform monitoring external threats & cybercrime
Threat intelligence search platform with correlated data graph
AI-powered cyber threat intelligence platform with real-time monitoring
Threat intelligence platform with 500M+ entries for real-time threat analysis
Centralized threat intelligence platform for aggregating and operationalizing IOCs
AI-powered threat management platform for detection, analysis, and response
OSINT platform for monitoring surface web, dark web, and social media sources
AI-powered threat intelligence feed for automated DDoS protection
Cyber threat intelligence platform with AI-driven analysis and threat hunting
Threat intelligence library with 30,000+ threats mapped to MITRE ATT&CK
Threat intel enrichment platform that correlates events with IOCs and actors
AI-driven threat intel feeds for automated blocking on 20+ firewall vendors
Managed threat intelligence service with dark web monitoring and analysis
SaaS platform for threat-informed defense using adversary tradecraft analysis
Preemptive threat intelligence platform for incident response and hunting
Real-time CVE exploitation tracker with active IP feeds and IoC visibility.
Cloud-based platform that maps malware relationships for threat intelligence.
AI-driven tool mapping threat intelligence to org-specific risk landscapes.
Curated attack use case platform that feeds threat scenarios into Jizô AI.
Continuous, private malware analysis and threat intel platform for enterprises.
Automated threat intel service with IoC search, feeds, and SIEM/SOAR integrations.
AI-powered threat verification for phone numbers, websites, text messages, and emails
Threat intel platform detecting mass exploitation & recon via deception nets
API platform providing historical DNS, WHOIS, and IP data for security research.
IP reputation & threat intel API backed by honeypot sensors and community reports.
Repository containing MITRE ATT&CK and CAPEC threat intelligence datasets formatted in STIX 2.0 standard for cybersecurity analysis and threat intelligence sharing.
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
Continuous threat intelligence and exposure management across dark, deep & clear web.
Next-gen cybersecurity platform for threat detection & digital risk mgmt.
Enterprise threat intelligence platform for identifying and prioritizing threats
Real-time threat intelligence platform for external cyber threat defense
AI-driven cyber threat intelligence platform for threat detection and analysis
Dark web monitoring platform for detecting data leaks and brand threats
Real-time threat intelligence platform for monitoring attacks and breaches
Cyber intelligence platform for threat detection and security posture mgmt
AI-powered threat intelligence platform for real-time threat intel management
AI-powered threat intelligence platform with agentic AI automation
European threat intelligence as-a-service provider with analyst support
CTI platform combining automated collection with cyber HUMINT for threat intel
Real-time threat intel platform detecting malicious scanning & exploitation
Managed cyber threat intelligence service with org/adversary profiling
Proactive C2 threat intelligence feed for detecting adversary infrastructure
CTI platform monitoring deep/dark web, forums & threat actors for intel
AI-powered threat intelligence platform for cyber, geopolitical & physical risks
3D cyber threat visualization platform for external threat monitoring
SOCRadar Extended Threat Intelligence Platform is a SaaS-based solution that provides real-time threat detection, digital risk protection, and AI-powered threat intelligence services across multiple environments including dark web, social media, and cloud platforms.
Threat intelligence platform for detection, hunting, and remediation
Threat intelligence platform for SOC/MSSP with AI/ML threat analysis
Threat intel platform combining CTI, DRPS, EASM & TPRM for exposure mgmt.
External threat landscape mgmt platform with predictive intelligence
Dark web monitoring platform for detecting exposed credentials and threats
AI-driven threat intel platform monitoring clear, deep, and dark web sources
AI-powered CTI platform integrating ASM, DRP, and TI capabilities
P2P threat intel sharing platform for collaborative defense communities
Risk intelligence service for supply chain, geopolitical & compliance risks
AI-powered threat intelligence service with expert analysis and geopolitics
Threat intelligence platform for cyber, physical, vulnerability & national sec
Cyber threat intelligence sharing platform with TAXII/STIX support
Cyber threat intelligence sharing platform for Australian organizations
Anonymous ICS threat intel sharing platform for collective defense
CTI services combining human expertise and AI for threat analysis
Physical security threat intel platform combining OSINT, location data & analysis
AI-driven threat intel platform for preemptive security & attack prevention
Automotive-focused threat intelligence platform with dark web monitoring
Pre-attack threat intel platform detecting attacker infrastructure before launch
AI platform for real-time event, threat & risk intelligence detection
AI-powered CTI platform converting unstructured threat data into role-based intelligence.
Managed dark/deep/clear web threat monitoring with expert analyst review.
Threat intel platform with dark web monitoring, ASM, and brand protection.
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
Cyber threat intelligence platform for threat-led risk management
Global IP threat intelligence search engine with attack surface mgmt
Cyber threat intelligence platform providing actionable insights
Enterprise cyber threat intelligence platform with remote network protection
Orchestrated threat intelligence platform for CTI and SOC teams
Threat intelligence platform for aggregating, analyzing, and sharing CTI data
AI-powered threat intel platform for operationalizing CTI and cyber risk mgmt
Threat intelligence service providing alerts, analysis, and support
Threat intelligence platform with deep/dark web monitoring and OSINT data
AI-driven cyber intelligence orchestration platform for threat intel & OSINT
API providing access to compromised identity data and threat signals
DNS-layer threat blocking service with real-time threat intelligence feeds
Preemptive cyber defense platform using DNS, WHOIS, and web data for threat intel
SOCRadar Agentic Threat Intelligence is an AI-powered cybersecurity platform that deploys autonomous agents to automate threat intelligence operations, analysis, and response without human intervention.
Malware intelligence marketplace aggregating multiple detection engines
File and URL scanning service for malware and threat detection
Real-time identity protection monitoring compromised credentials on dark web
Threat intel platform for investigating cybercrime underground sources
AI-powered investigation tool for analyzing identity exposures from darknet data
Dark web intelligence service with human operatives for threat hunting
Threat intelligence feeds for SOC teams from social, dark web & botnet sources
Threat intelligence platform providing APT analysis and threat reports
AI-based threat intelligence platform for analyzing and distributing threat data
Threat intelligence platform combining network security and threat exposure mgmt
Visual interface for exploring threat intelligence data sources and datasets
Swiss-made darknet monitoring platform providing real-time threat intel via API
Real-time zero-day vulnerability detection and alerting platform
CTI platform for threat analysis, dark web monitoring, and data breach detection
Real-time threat intelligence platform with analyst-enriched insights
Investigative intelligence service for law enforcement agencies
Threat intel platform for prioritizing vulnerabilities based on attacker TTPs
Threat intelligence platform monitoring dark web, breaches & attack surface
AI-powered threat intelligence platform with search, risk assessment & alerts
Threat intelligence platform providing actionable insights from global sources
Virtual asset intelligence solution tracking cryptocurrency transactions
AI-powered cyber threat intelligence platform for threat monitoring & analysis
Threat intelligence platform with AI-powered monitoring and analysis
Detects compromised assets via outbound traffic to GreyNoise sensors & malicious IPs
Enterprise file analysis platform for high-volume malware detection
CTI platform providing structured threat intelligence and analysis
Proactive threat intelligence platform providing early warning alerts
Threat intelligence platform providing messaging threat data via API
Domain intelligence platform for threat research and investigation
AI-powered threat intelligence platform collecting data from web sources
Aviation security threat intelligence & risk mgmt platform for AVSEC pros
Cyber threat intelligence feeds for SOC and threat intelligence teams
Curated phishing threat intelligence feed with predictive detection
Real-time fraud intelligence sharing platform with GDPR-compliant tokenization
Predictive cybersecurity platform providing threat intelligence services
AI-driven platform that operationalizes threat intel into risk-prioritized actions
Threat intel service focused on adversary attribution and monitoring
Threat intelligence service providing threat profiles and analytics for MDR
AI-driven scam detection via victim emulation in peer-to-peer conversations
Threat intelligence feeds covering 100+ attack types with 5-min updates
Visual link analysis platform for OSINT and threat investigations
Visual link analysis platform for OSINT investigations and data correlation
AI-powered platform identifying C2 and attack infrastructure pre-weaponization
Daily threat intel feed identifying malicious IPs with abuse classifications
Real-time IP fraud detection and risk scoring API for identifying malicious IPs
Secure collaboration platform for detecting suspicious accounts via shared signals
Cyber risk analytics & external infrastructure intelligence platform
Real-time threat intel feeds sourced from honeypots & ISP abuse reports.
Real-time threat intel platform with IP/domain reputation scoring and low false positives.
ML-based URL & domain classification API for threat and content scoring.
AI-based domain & IP threat scoring API for security product integration.
Subscription threat intel service with reports, translations & security notifications.
Managed CTI service monitoring dark web & open sources for emerging threats.
AI-powered maritime-specific cyber threat intelligence for shipping companies.
Digital threat intel platform with 300TB+ of malware data, AI analytics & forecasting.
Passive DNS intelligence platform for threat detection and investigation.
Mobile-focused threat intelligence portal for detecting and analyzing mobile threats.
Threat intel firm identifying human actors behind cyber threats.
Data fusion platform supporting the full intelligence cycle for security agencies.
Blockchain threat intel & crypto forensics platform for AML and investigations.
AI-powered threat intelligence platform with generative AI capabilities
A knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
A threat intelligence platform monitoring threat actors targeting non-human identities
Malware analysis platform using emulation-based sandbox technology
Free threat intel feed blocking malicious IPs/domains via global sensors.
Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
n6 is a network security incident exchange system that collects, manages, and distributes threat and incident data through REST API and web interfaces for authorized users.
An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.
OSTrICa is an open source plugin-based framework that collects and visualizes threat intelligence data from various sources to help cybersecurity professionals correlate IoCs and enhance their defensive capabilities.
Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
A Python library that provides an interface to query ThreatCrowd's API for threat intelligence data including email, IP, domain, and antivirus reports with built-in caching capabilities.
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.
A program to extract IOCs from text files using regular expressions
Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.
PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.
The FASTEST Way to Consume Threat Intelligence and make it actionable.
Threat intelligence platform for detection, investigation, and response
Investigative analytics platform for threat intelligence and security ops
Dark web investigation platform with comprehensive database and analysis tools
DNS-based threat defense using predictive intelligence to block threats
API service providing IP geolocation data and intelligence for security use cases
IP intelligence platform for proxy/VPN detection and geolocation
Dark web monitoring platform for detecting data breaches and leaked data
Overlay tool providing real-time threat intel & context across security tools
File threat intelligence integration combining hash lookups & malware detection
Screens blockchain addresses for risk and provides allow/deny recommendations.
Weekly threat intelligence briefings published by VerSprite
Threat intel platform for discovering cybercrime on encrypted chat networks
AI-powered reputation engine for blocking spam, bots, and malicious IPs via API.
Domain reputation threat intelligence feeds for malicious domain detection
Database for detecting proxies, VPNs, Tor nodes, and high-risk IP addresses
API service for detecting proxies, VPNs, Tor nodes, and malicious IPs
IP address blocklist service for identifying and blocking fraudulent IPs
AI-powered URL classification & IP reputation feed/API for security vendors.
Real-time network threat prevention platform enforcing 10B+ threat indicators.
AI-powered DNS domain threat intelligence service for DDR 2.0 solutions.
Enriched threat feed for identifying malicious IPs and actors in network traffic.
Threat detection, correlation, and intel feed platform for SecOps teams.
IP intelligence, geolocation, proxy detection, and fraud prevention service
AI-powered malware detection service with web interface and API access
IP geolocation databases and APIs for location-based content and traffic analysis
Database for detecting VPNs, proxies, Tor exits, and anonymization services
Threat intelligence plugin for MikroTik RouterOS with real-time feed updates.
DentiGrid is an AI security platform that monitors, detect & prevent cyber threats.
Dark web intelligence platform for stealer log and credential exposure detection.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
A Python library for handling TAXII v1.x messages and services to enable automated threat intelligence sharing and indicator exchange.
Free URL scanner that checks links for malware, phishing, and fraud threats
Free threat intel platform for DNS data analysis and infrastructure mapping
Free contextual federated search tool for threat intelligence enrichment
Central hub for accessing Filigran products, resources, and community content
Free URL/domain/IP threat investigation tool with risk scoring & categorization.
Free mule account alert feed for banks to detect scam-linked accounts.
Scans email addresses against breach databases for personal data exposure.
Community-driven phishing URL archive operated by Cisco Talos.
Dark web threat intelligence platform for detecting & investigating cyber threats.
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.
ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).
VirusTotal API v3 is a threat intelligence platform for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context.
A free software that calculates the security ranking of Internet Service Providers to detect malicious activities.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
A project sharing malicious URLs used for malware distribution to help protect networks.
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
Analyze suspicious files, domains, IPs, and URLs to detect malware and other breaches, and share results with the security community.
Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
Threat intelligence platform providing real-time threat data and insights.
Free cyber threat intelligence feeds for proactive threat detection
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.
Knowledge base workflow management dashboard for YARA rules and C2 artifacts.
A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.
A daily collection of IOCs from various sources, including articles and tweets.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
API for querying domain security information, categorization, and related data.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
A tool to extract indicators of compromise from security reports in PDF format.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.
GCTI's open-source detection signatures for malware and threat detection
Open Source Threat Intelligence Gathering and Processing Framework
A collection of Yara signatures developed by Citizen Lab to detect malware used in targeted attacks against civil society organizations.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
A threat intelligence domain/IP/hash threat feeds checker that checks IPVoid, URLVoid, Virustotal, and Cymon.
Repository with projects for photo and video hashing, content moderation, and signal exchange.
A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.
Repository of IOCs provided under the Apache 2.0 license
PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.
Python package for fanging and defanging indicators of compromise in text.
ActorTrackr is an open source web application for storing, searching, and linking threat actor intelligence data from public repositories and user contributions.
CLI tool for ThreatCrowd.org with multiple query functions.
Python-based client for IBM XForce Exchange with an improved version available.
Aggregates security threats from online sources and outputs to various formats.
CyberOwl aggregates and summarizes daily security advisories from multiple CERT organizations and threat intelligence sources into consolidated reports.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.
Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.
A data visualization and statistical analysis tool for measuring the quality and effectiveness of threat intelligence indicator feeds through various analytical tests.
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
nyx is a threat intelligence artifact distribution system that facilitates the sharing of threat intelligence indicators from various sources to defensive security systems with configurable criticality levels.
Hale is a modular botnet command and control monitoring tool that tracks C&C server communications across multiple protocols with web-based analysis interface and collaborative research capabilities.
A Pythonic interface to the Internet Storm Center / DShield API
A method for profiling SSL/TLS Clients with easy-to-produce client fingerprints.
Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
A tool for extracting common indicators of compromise from a block of text.
A tool for extracting IOCs from various input sources and converting them into JSON format.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.
An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.
A publicly available dataset of security incidents designed to support cybersecurity research and threat analysis.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
A framework for managing cyber threat intelligence in structured formats.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A platform for accessing threat intelligence and collaborating on cyber threats.
Freely available network IOCs for monitoring and incident response
RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
A project focusing on understanding and combating threats to the Internet economy and net citizens.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
Facilitating exchange of information and knowledge to collectively protect against cyberattacks.
A collaborative repository documenting TTPs and attack patterns associated with malicious OIDC/OAuth 2.0 applications.
The Ransomware Tool Matrix is a repository that lists and categorizes tools used by ransomware gangs, aiding in threat hunting, incident response, and adversary emulation.
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
Network threat detection platform (product page unavailable)
Cloud-native DNS filtering solution that blocks malicious domains and threats
Cloud-based DNS filtering solution for blocking malicious sites and content
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.
FraudGuard is a service that provides real-time internet traffic analysis and IP tracking to help validate usage and prevent fraud.
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
OpenPhish provides real-time phishing trends, detecting new phishing URLs and targeting various brands.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.
A collection of APT and cybercriminals campaigns with various resources and references.
A robust Python implementation of TAXII Services with a friendly pythonic API.
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
Tools to export data from MISP MySQL database for post-incident analysis and correlation.
A Django web interface for managing Yara rules with features like search, categorization, and bulk edits.
Taxii2 server for interacting with taxii services.
Cyber Intelligence Management Platform with threat tracking, forensic artifacts, and YARA rule storage.
Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.
Generate Bro intel files from pdf or html reports.
A modular tool for collecting intelligence sources for files and outputting in CSV format.
Collect various intelligence sources for hosts in CSV format.
A modular malware collection and processing framework with support for various threat intelligence feeds.
Check the reputation of an IP address to identify potential threats.
List of publicly disclosed vulnerabilities with security filters and detailed advisories.
A platform providing an activity feed on exploited vulnerabilities.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
A collaborative platform that gathers and analyzes security data to help professionals identify and mitigate cyber threats.
Common questions security professionals ask when evaluating alternatives and competitors to EclecticIQ Intelligence Center.
The most popular alternatives to EclecticIQ Intelligence Center include Webz.io, Lunar, Hudson Rock Cybercrime Intelligence Tools, CybersecRadars, and ThreatBook Advanced Threat Intelligence (ATI). These Threat Intelligence Platforms tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
