Threat Intelligence Platforms
TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
Explore 280 curated cybersecurity tools, with 15,216 visitors searching for solutions
FEATURED
RELATED TASKS
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.
Open Source Threat Intelligence Gathering and Processing Framework
Open Source Threat Intelligence Gathering and Processing Framework
The FASTEST Way to Consume Threat Intelligence and make it actionable.
The FASTEST Way to Consume Threat Intelligence and make it actionable.
A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.
A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.
ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).
ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).
A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.
A tool that checks if domains are present in Alexa or Cisco top one million domain lists for reputation assessment and threat analysis.
Tool for managing Yara rules on VirusTotal
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
Developer documentation providing REST API and SDK resources for ThreatConnect platform integration across Python, Java, and JavaScript environments.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.
Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.
Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.
Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
Threat intelligence platform providing real-time threat data and insights.
Threat intelligence platform providing real-time threat data and insights.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
Repository of IOCs provided under the Apache 2.0 license
An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.
An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.
A publicly available dataset of security incidents designed to support cybersecurity research and threat analysis.
A publicly available dataset of security incidents designed to support cybersecurity research and threat analysis.
Threat Intelligence Platforms Tools - FAQ
Common questions about Threat Intelligence Platforms tools including selection guides, pricing, and comparisons.
TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
