
Jager

Free

Jager is a tool for pulling useful IOCs (indicators of compromise) out of various input sources (PDFs for now, plain text really soon, webpages eventually) and putting them into an easy-to-manipulate JSON format.

Shortcomings:
- Doesn't do OCR, so CrowdStrike's 'Images only' PDFs don't work well.
- Text analysis feature is planned for OCR by hand.
- Regexes need improvement for better performance.
- Some manual work needed for group names or attribution.

Use:

To analyze a PDF:
    python jager.py -i foo.pdf -o bar.json

To analyze a directory of PDFs:
    python jager.py -d ~/foo -o ~/bar

Features for the Future:
- New Analysis Modes
  - Webpages
  - Plain Text
- New Indicator Types: URLs, File Paths, Registry Keys
- More Useful Output

ALTERNATIVES

MaxMind provides accurate IP geolocation and online fraud detection solutions to create safer digital experiences.

Cisco Umbrella is a cloud security platform that offers protection against threats on the internet by blocking malicious activity.

A database of Tor exit nodes with their corresponding IP addresses and timestamps.

Official repository of YARA rules for threat detection and hunting

A reference implementation for collecting events and performing CAR analytics to detect potential adversary activity.

Packet Storm is a global security resource providing around-the-clock information and tools to mitigate personal data and fiscal loss on a global scale.

A nonprofit security organization that collects and shares threat data to make the Internet more secure.

yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
