Script for generating Bro intel files from PDF or HTML reports.

Dependencies: poppler-utils, html2text.

Usage: Download reports in HTML or PDF format, then feed them to the tool.

Example: ./intel_generator.sh -f apt_report.pdf -p

Note: Verify the extracted indicators before using them in production.

Supports domain, IP, and hash indicators. Exclude specific file extensions using the domain_exclude variable. Install the generated intel files in Bro by copying the intel directory to /usr/local/bro/share/bro/.
SIMILAR TOOLS
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
A summary of the threat modeling posts and final thoughts on the process
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
Automated framework for collecting and processing samples from VirusTotal with YARA rule integration.
Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.
Darkscope is an AI-powered threat intelligence platform that uses virtual personas to monitor the dark web, social media, and deep web for cyber threats and security risks targeting organizations.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
A cybersecurity tool with online demo, mailing list, and multiple installation methods.