GOSINT Logo

GOSINT

0
Free
Visit Website

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third parties to security event data to identify similar, or identical, indicators of malicious behavior. The framework is written in Go with a JavaScript frontend. Installation: Please find the installation procedure at http://gosint.readthedocs.io/en/latest/installation.html. There are three ways to get up and running: Bash install script, Docker, Manual installation. Updates: Updating is simple and encouraged as bugs are reported and fixed or new features are added. To update your instance of GOSINT, pull the latest version of GOSINT from the repository and re-run the build command to compile the updated binary: godep go build -o gosint. Configuration: GOSINT needs some quick initial configuration to start making use of it.

FEATURES

ALTERNATIVES

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring.

Facilitates distribution of Threat Intelligence artifacts to defensive systems.

Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.

A daily collection of IOCs from various sources, including articles and tweets.

Robust Python SDK and Command Line Client for interacting with IntelOwl's API.

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

A comprehensive and unrestricted dataset of security incidents for research and decision-making

msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.