AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel. Running tests & linter We run automated tests (for Python 2.6, 2.7 and PyPy) and flake8 linter for each repository push. View the logs at https://circleci.com/gh/abusesa/abusehelper. To run the tests locally you need to have tox installed (for example via pip install tox). Then, while in the project directory, run: $ tox Changelog See CHANGELOG.md. Security Announcements AbuseHelper Security Announcement 2016-01. Summary: Multiple places failed to check X.509 certificates leading to possibility to MITM connections. Community extensions This project provides the core AbuseHelper functionality, including choice bots and tools. The AbuseHelper Community repository builds upon the core, for example by offering a fine selection of community-maintained bots. License Files are (c) respective copyright holders if named in the specific file, everything else is current (c) by Synopsys, Inc. Everything is licensed under MIT license, see LICENSE.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.
OpenIOC editor for building and manipulating threat intelligence data with support for various systems.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.
A comprehensive Continuous Threat Exposure Management platform that combines AI-driven vulnerability assessment, penetration testing, and attack surface management to help organizations discover, prioritize, and remediate security vulnerabilities.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.