threat_note
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
Script for generating Bro intel files from pdf or html reports. Dependencies: poppler-utils, html2text. Usage: Download reports in html or pdf format, then feed them to the tool. Example: ./intel_generator.sh -f apt_report.pdf -p. Note: Verify indicators extracted before using in production. Supports domains, IPs, and hash indicators. Exclude specific file extensions using domain_exclude variable. Install generated intel files in Bro by copying the intel directory to /usr/local/bro/share/bro/.
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
A threat hunting capability that leverages Sysmon and MITRE ATT&CK on Azure Sentinel
A platform for accessing threat intelligence and collaborating on cyber threats.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
A tool for identifying potential security threats by fetching known URLs and filtering out URLs with open redirection or SSRF parameters.
Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.