Tools for identifying, assessing, and mitigating cyber threats across organizations.Explore 240 curated tools and resources
Want your tool featured here?
Get maximum visibility with pinned placement
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.
RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.
Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.
Globally-accessible knowledge base of adversary tactics and techniques for cybersecurity.
Globally-accessible knowledge base of adversary tactics and techniques for cybersecurity.
Repository of APT-related documents and notes sorted by year.
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
A collection of Yara rules licensed under the DRL 1.1 License.
A collection of Yara rules licensed under the DRL 1.1 License.
An interactive command line application for Open Source Intelligence collection and artifact management that enables investigation of IP addresses, domains, email addresses, file hashes, and other digital artifacts.
An interactive command line application for Open Source Intelligence collection and artifact management that enables investigation of IP addresses, domains, email addresses, file hashes, and other digital artifacts.
Freely available network IOCs for monitoring and incident response
A modular malware collection and processing framework with support for various threat intelligence feeds.
A modular malware collection and processing framework with support for various threat intelligence feeds.
An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.
An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.
Collect various intelligence sources for hosts in CSV format.
A project focusing on understanding and combating threats to the Internet economy and net citizens.
A project focusing on understanding and combating threats to the Internet economy and net citizens.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.
A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.
A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.