Harbinger Logo

Harbinger

0
Free
Visit Website

Harbinger is a threat intelligence domain/IP/hash threat feeds checker that checks IPVoid, URLVoid, Virustotal, and Cymon. It can also be used in file analysis mode or single item mode. Usage: harbinger.py [-h] [-i IP] [-d DOMAIN] [-a HASH] [-fd FILE_DOMAIN] [-fi FILE_IP] [-fh FILE_HASH] [--api API] [--vtapi VTAPI] Threat Intelligence usage: harbinger.py [-h] [-i IP] [-d DOMAIN] [-a HASH] [-fd FILE_DOMAIN] [-fi FILE_IP] [-fh FILE_HASH] [--api API] [--vtapi VTAPI] optional arguments: -h, --help show this help message and exit -i IP, --ip IP ip address to check -d DOMAIN, --domain DOMAIN domain to check -a HASH, --hash HASH hash to check -fd FILE_DOMAIN, --file-domain FILE_DOMAIN file with domain list to check. One per line. -fi FILE_IP, --file-ip FILE_IP file with ip list to check. One per line. -fh FILE_HASH, --file-hash FILE_HASH file with hash list to check. One per line. --api API API key to use --vtapi VTAPI VT API key to use

FEATURES

ALTERNATIVES

YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.

A PowerShell module for threat hunting via Windows Event Logs

CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.

A collection of Yara rules for the Burp Yara-Scanner extension to identify malicious software on websites.

MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.

A simple, self-contained modular host-based IOC scanner for incident responders.

A Splunk app mapped to MITRE ATT&CK to guide threat hunts.

Generate Bro intel files from pdf or html reports.

PINNED