Threat Management
236 tools and resources
FEATURED
Feature Your Cybersecurity Product
Showcase your innovative cybersecurity solution to our dedicated audience of security professionals.
Boost Your VisibilityNEW
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
Threat intelligence platform providing real-time threat data and insights.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.
A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
A repository of cybersecurity datasets and tools curated by @sooshie.
Check if an IP address was used as a Tor relay on a given date.
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
Advanced threat prevention and detection platform leveraging Deep CDR, Multiscanning, and Sandbox technologies to protect against data breaches and ransom attacks.
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.
A comprehensive and unrestricted dataset of security incidents for research and decision-making
Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.