Repository containing MITRE ATT&CK and CAPEC datasets in STIX 2.0 for cybersecurity threat modeling.
IntelOwl is an Open Source solution for management of Threat Intelligence at scale. It integrates a number of analyzers available online and a lot of cutting-edge malware analysis tools. Features: * Enrichment of Threat Intel for files as well as observables (IP, Domain, URL, hash, etc). * A Fully-fledged REST APIs written in Django and Python. * An easy way to be integrated in your stack of security tools to automate common jobs usually performed, for instance, by SOC analysts manually. * (Thanks to the official libraries pyintelowl and go-intelowl) * A built-in GUI: provides features such as dashboard, visualizations of analysis data, easy to use forms for requesting new analysis, etc. * A framework composed of modular components called Plugins: analyzers that can be run to either retrieve data from external sources (like VirusTotal or AbuseIPDB) or to generate intel from scratch.
Repository containing MITRE ATT&CK and CAPEC datasets in STIX 2.0 for cybersecurity threat modeling.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.
A collection of tools and resources for threat hunters.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
Cisco Umbrella is a cloud security platform that offers protection against threats on the internet by blocking malicious activity.
OpenIOC editor for building and manipulating threat intelligence data with support for various systems.