Hiryu is a visualization tool for threat analysis that organizes APT campaign information and visualizes the relations between IOCs. It stores mostly schemaless nodes and relations in a local DB, and can use the Neo4j graph database as a backend.

Quick Start

Requirements:
- Redis
- Neo4j (optional): version 3.4.7 is confirmed to work

Set up a virtualenv and install the Python packages.

Create a Django project and install Hiryu:

1) Add 'Hiryu' to INSTALLED_APPS as follows:

    INSTALLED_APPS = [
        ...
        'Hiryu',
    ]

2) Edit DATABASES (e.g. postgresql):

    DATABASES = {
        'default': {
            'ENGINE': 'django.db.backends.postgresql_psycopg2',
            'NAME': '<DB name>',
            'USER': '<DB user>',
            'PASSWORD': '<DB password>',
        }
    }
A threat intelligence checker that looks up domains, IPs, and hashes against the IPVoid, URLVoid, VirusTotal, and Cymon threat feeds.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
Automatic YARA rule generator based on Koodous reports with limited false positives.
Hippocampe is a threat feed aggregator with configurable confidence levels and a Hipposcore for determining maliciousness.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.