Threat Management
Tools for identifying, assessing, and mitigating cyber threats across organizations.Explore 240 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
Collection of Yara rules for file identification and classification
Collection of Yara rules for file identification and classification
A robust Python implementation of TAXII Services with a friendly pythonic API.
A robust Python implementation of TAXII Services with a friendly pythonic API.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
Python-based client for IBM XForce Exchange with an improved version available.
Python-based client for IBM XForce Exchange with an improved version available.
A community-driven open source project providing interactive notebooks with detection logic, adversary tradecraft, and resources organized according to MITRE ATT&CK framework for threat hunting and detection development.
A community-driven open source project providing interactive notebooks with detection logic, adversary tradecraft, and resources organized according to MITRE ATT&CK framework for threat hunting and detection development.
CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.
CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.
A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.
A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.
Collection of YARA signatures from recent malware research.
Collection of YARA signatures from recent malware research.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
YETI is a proof-of-concept TAXII implementation that supports Inbox, Poll, and Discovery services for automated cyber threat intelligence indicator exchange.
Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.
Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.
A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.
A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
Automatically curate open-source Yara rules and run scans with YAYA.
Automatically curate open-source Yara rules and run scans with YAYA.
A collection of APT and cybercriminals campaigns with various resources and references.
A collection of APT and cybercriminals campaigns with various resources and references.
Taxii2 server for interacting with taxii services.
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
ThreatNote is a threat intelligence platform that provides real-time updates on emerging cybersecurity threats, vulnerabilities, and attack vectors to help organizations enhance their security posture.
CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.
CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.