Golismero
A free and open-source OSINT framework for gathering and analyzing data from various sources
Combine gathers Threat Intelligence Feeds from publicly available sources. You can run the core tool with combine.py: - usage: combine.py [-h] [-t TYPE] [-f FILE] [-d] [-e] [--tiq-test] - optional arguments: -h, --help show this help message and exit -t TYPE, --type TYPE Specify output type. Currently supported: CSV and exporting to CRITs -f FILE, --file FILE Specify output file. Defaults to harvest.FILETYPE -d, --delete Delete intermediate files -e, --enrich Enrich data --tiq-test Output in tiq-test format (implies -e) Alternately, you can run each phase individually: - python reaper.py - python thresher.py - python winnower.py - python baler.py The output will actually be a CSV with the following schema: - entity, type, direction, source, notes, date The entity field consists of a FQDN or IPv4 address (supported entities at the moment) The type field consists of either FQDN or IPv4, classifying the type of the entity The direction field will be either inbound or outbound The source field contains the original URL The notes field should cover any extra tag info we may want to persist with the data The date field will be in YYYY-MM-DD format. All fields are quoted with double-quotes (")
A free and open-source OSINT framework for gathering and analyzing data from various sources
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
Robust Python SDK and Command Line Client for interacting with IntelOwl's API.
Python-based client for IBM XForce Exchange with an improved version available.
Repository with projects for photo and video hashing, content moderation, and signal exchange.