Oriana
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
A Google Sheets spreadsheet containing a comprehensive list of APT groups and operations, providing a reference for tracking and mapping the different names and naming schemes used by cybersecurity companies and antivirus vendors. The spreadsheet includes tabs for different countries and regions, as well as an 'Unknown' tab for groups with no attribution. It also highlights overlaps between different groups and provides a search function for easy lookup. The spreadsheet is licensed under Creative Commons Attribution 4.0 International (CC BY 4.0) and is open for contributions from threat intel researchers, malware analysts, and vendor representatives.
VirusTotal API v3 is a threat intelligence platform for scanning files, URLs, and IP addresses, and retrieving reports on threat reputation and context.
Threat hunter based on osquery and Salt Open, querying open network sockets against threat intelligence sources.
A project sharing malicious URLs used for malware distribution to help protect networks.
Tool for data visualization and statistical analysis of threat intelligence feeds, presented at cybersecurity conferences for measuring the IQ of threat intelligence feeds.
A collection of public YARA signatures for various malware families.