Threat Intelligence
Explore 726 curated cybersecurity tools, with 15,190 visitors searching for solutions
FEATURED
A collection of YARA rules for public use, built from intelligence profiles and file work.
A collection of YARA rules for public use, built from intelligence profiles and file work.
GCTI's open-source detection signatures for malware and threat detection
GCTI's open-source detection signatures for malware and threat detection
A minimal library to generate YARA rules from JAVA with maven support.
A minimal library to generate YARA rules from JAVA with maven support.
A program to extract IOCs from text files using regular expressions
A program to extract IOCs from text files using regular expressions
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
A framework for managing cyber threat intelligence in structured formats.
A framework for managing cyber threat intelligence in structured formats.
Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.
Troje is a honeypot that creates dynamic LXC container environments to attract and monitor attackers while recording their activities and system changes.
HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.
HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A Linux distribution designed for threat emulation and threat hunting, integrating attacker and defender tools for identifying threats in your environment.
A data visualization and statistical analysis tool for measuring the quality and effectiveness of threat intelligence indicator feeds through various analytical tests.
A data visualization and statistical analysis tool for measuring the quality and effectiveness of threat intelligence indicator feeds through various analytical tests.
PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.
PyIntelOwl is a Python SDK and CLI client for interacting with IntelOwl's threat intelligence API to submit files and observables for automated security analysis.
KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.
KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.
A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
A python3 application for querying sites hosting publicly pasted data and scanning for sensitive information.
Analyze suspicious files, domains, IPs, and URLs to detect malware and other breaches, and share results with the security community.
Analyze suspicious files, domains, IPs, and URLs to detect malware and other breaches, and share results with the security community.
n6 is a network security incident exchange system that collects, manages, and distributes threat and incident data through REST API and web interfaces for authorized users.
n6 is a network security incident exchange system that collects, manages, and distributes threat and incident data through REST API and web interfaces for authorized users.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.
