libtaxii
A Python library for handling TAXII v1.x Messages and invoking TAXII Services.
Hippocampe is a threat feed aggregator that collects feeds from the Internet into an Elasticsearch cluster. It provides a REST API for easy querying, allows analysts to configure confidence levels for feeds, and generates a Hipposcore to aid in determining the maliciousness of observables. It is open source under the AGPL license and integrates well with Cortex and TheHive.
Scan files with Yara, match findings to VirusTotal comments.
A tool that uses Sysmon to investigate incidents in which users click on emails with links or attachments and open macro-enabled Word documents.
An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.
A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.
Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.