bro-intel-generator

Free

Script for generating Bro intel files from PDF or HTML reports. Dependencies: poppler-utils, html2text. Usage: download reports in HTML or PDF format, then feed them to the tool. Example: ./intel_generator.sh -f apt_report.pdf -p. Note: verify the extracted indicators before using them in production. Supports domain, IP, and hash indicators. Exclude specific file extensions using the domain_exclude variable. Install the generated intel files in Bro by copying the intel directory to /usr/local/bro/share/bro/.

ALTERNATIVES

A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.

ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.

A curated list of resources for learning about deploying, managing, and hunting with Microsoft Sysmon.

Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.

Cyber Intelligence Management Platform with threat tracking, forensic artifacts, and YARA rule storage.

CLI tool for ThreatCrowd.org with multiple query functions.

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

Check the reputation of an IP address to identify potential threats.