Do you ever wonder if there is an easier way to retrieve, store, and maintain all your threat intelligence data? Random user, meet Forager. Not all threat intel implementations require a database that is 'correlating trillions of data points..' and instead, you just need a simple interface, with simple TXT files, that can pull threat data from other feeds, PDF threat reports, or other data sources, with minimal effort. With 15 pre-configured threat feeds, you can get started with threat intelligence feed management today.. Right now.. Do it! Features At A Glance: - Fetch intel from URL's using modular feed functions - Extract domain, md5, sha1, sha256, IPv4, and YARA indicators - Search through the current intel set by single IP or with an IOC file - Generate JSON feeds for consumption by CarbonBlack - Serves up a Simple HTTP JSON feed server for CarbonBlack Requirements: Requires Python 3! argparse xlrd pdfminer3k colorama (for pretty colored output) You can install all requirements with the included requirements.txt file pip3 install -r requirements.txt Feeds: --feeds list -- Lists all feeds and allows the user to choose a single feed to update. update -- Updates all feed modules
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A project sharing malicious URLs used for malware distribution to help protect networks.
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
A nonprofit security organization that collects and shares threat data to make the Internet more secure.
Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.