Threat Intelligence
Browse 1,295 threat intelligence tools
FEATURED
A list of most queried domains based on passive DNS usage across the Umbrella global network.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
Facilitating exchange of information and knowledge to collectively protect against cyberattacks.
Facilitating exchange of information and knowledge to collectively protect against cyberattacks.
A comprehensive guide to digital forensics and incident response, covering incident response frameworks, digital forensic techniques, and threat intelligence.
A comprehensive guide to digital forensics and incident response, covering incident response frameworks, digital forensic techniques, and threat intelligence.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.
A new approach to computer network defense that leverages knowledge about advanced persistent threats, using a kill chain model to describe phases of intrusions and map adversary kill chain indicators to defender courses of action.
A new approach to computer network defense that leverages knowledge about advanced persistent threats, using a kill chain model to describe phases of intrusions and map adversary kill chain indicators to defender courses of action.
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
Weekly cybersecurity newsletter covering security incidents, AI, and leadership
Weekly cybersecurity newsletter covering security incidents, AI, and leadership
Threat intelligence and digital risk protection platform
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.
PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.
PyIOCe is a Python-based OpenIOC editor that enables security professionals to create, edit, and manage Indicators of Compromise for threat intelligence and incident response operations.
Aggregates security threats from online sources and outputs to various formats.
Aggregates security threats from online sources and outputs to various formats.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
A collection of YARA rules for public use, built from intelligence profiles and file work.
A collection of YARA rules for public use, built from intelligence profiles and file work.
GCTI's open-source detection signatures for malware and threat detection
GCTI's open-source detection signatures for malware and threat detection
A minimal library to generate YARA rules from JAVA with maven support.
A minimal library to generate YARA rules from JAVA with maven support.
A program to extract IOCs from text files using regular expressions
A program to extract IOCs from text files using regular expressions
Endpoint protection platform using zero trust architecture and containment
Endpoint protection platform using zero trust architecture and containment
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
A web-based visualization tool for navigating and annotating MITRE ATT&CK matrices to support threat analysis, defensive planning, and security coverage assessment.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
A neo4j-based data management platform with command-line interface for analyzing cyber threat indicators and other data points through graph database traversal.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
A framework for managing cyber threat intelligence in structured formats.
A framework for managing cyber threat intelligence in structured formats.
