IntelOwl is an Open Source solution for management of Threat Intelligence at scale. It integrates a number of analyzers available online and a lot of cutting-edge malware analysis tools. Features: * Enrichment of Threat Intel for files as well as observables (IP, Domain, URL, hash, etc). * A Fully-fledged REST APIs written in Django and Python. * An easy way to be integrated in your stack of security tools to automate common jobs usually performed, for instance, by SOC analysts manually. * (Thanks to the official libraries pyintelowl and go-intelowl) * A built-in GUI: provides features such as dashboard, visualizations of analysis data, easy to use forms for requesting new analysis, etc. * A framework composed of modular components called Plugins: analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from scratch.
FEATURES
ALTERNATIVES
Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.
RedEye is a visual analytic tool for enhancing Red and Blue Team operations.
A summary of the threat modeling posts and final thoughts on the process
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.