A system for collecting, managing, and distributing security information on a large scale, developed by CERT Polska.
Harbinger is a threat intelligence domain/IP/hash threat feeds checker that checks IPVoid, URLVoid, Virustotal, and Cymon. It can also be used in file analysis mode or single item mode. Usage: harbinger.py [-h] [-i IP] [-d DOMAIN] [-a HASH] [-fd FILE_DOMAIN] [-fi FILE_IP] [-fh FILE_HASH] [--api API] [--vtapi VTAPI] Threat Intelligence usage: harbinger.py [-h] [-i IP] [-d DOMAIN] [-a HASH] [-fd FILE_DOMAIN] [-fi FILE_IP] [-fh FILE_HASH] [--api API] [--vtapi VTAPI] optional arguments: -h, --help show this help message and exit -i IP, --ip IP ip address to check -d DOMAIN, --domain DOMAIN domain to check -a HASH, --hash HASH hash to check -fd FILE_DOMAIN, --file-domain FILE_DOMAIN file with domain list to check. One per line. -fi FILE_IP, --file-ip FILE_IP file with ip list to check. One per line. -fh FILE_HASH, --file-hash FILE_HASH file with hash list to check. One per line. --api API API key to use --vtapi VTAPI VT API key to use
A system for collecting, managing, and distributing security information on a large scale, developed by CERT Polska.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
Repository of automatically generated YARA rules from Malpedia's YARA-Signator with detailed statistics.
GCTI's open-source detection signatures for malware and threat detection