bro-intel-generator

Free

Script for generating Bro intel files from PDF or HTML reports. Dependencies: poppler-utils, html2text. Usage: download reports in HTML or PDF format, then feed them to the tool. Example: ./intel_generator.sh -f apt_report.pdf -p. Note: verify the extracted indicators before using them in production. Supports domain, IP, and hash indicators. Exclude specific file extensions using the domain_exclude variable. Install the generated intel files in Bro by copying the intel directory to /usr/local/bro/share/bro/.

ALTERNATIVES

A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.

Amazon GuardDuty is a threat detection service for AWS accounts.

Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.

Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.

A tool for extracting IOCs from various input sources and converting them into JSON format.

A modular malware collection and processing framework with support for various threat intelligence feeds.

A free and open-source OSINT framework for gathering and analyzing data from various sources.

Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.