A serverless application for creating and monitoring URL tokens with threat intelligence and customizable alerts.
The Honeynet Project Acapulco app bundles a Splunk application that can be deployed on a central server to automatically generate meta-events from several hpfeeds channels. These events are clustered using the DBSCAN or K-means algorithms and displayed in an external client as parallel coordinates graphs built with the D3.js visualization library.

License: The Acapulco Project software is licensed under the GNU GPL license.

Installation: You can install the Acapulco Splunk app and the visualization client in a few simple steps. Once you have downloaded the bundle, follow the usual Splunk instructions for installing a new application: unzip the file in your splunk/etc/apps directory and start Splunk to configure it.

Once the application is correctly configured and hpfeeds has done its magic, you will be able to create a new file containing all meta-events from the hpfeeds log files. To do this, execute the runner.py script with the log file as the input parameter. Two new meta-event files will be created: one with plain features, and a second one in which the feature values are clustered. These new events will provide valuable insights for cybersecurity professionals.
A Python library for handling TAXII v1.x Messages and invoking TAXII Services.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
A simple, self-contained modular host-based IOC scanner for incident responders.
Automatically curate open-source Yara rules and run scans with YAYA.
A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.