OSTrICa Logo

OSTrICa

0
Free
Visit Website

OSTrICa stands for Open Source Threat Intelligence Collector and is an Open Source plugin-oriented framework to collect and visualize Threat Intelligence Information. Furthermore, OSTrICa is also the Italian word for oyster: that's where the logo come from. SOC analysts, incident responders, attack investigators or cyber-security analysts need to correlate IoCs (Indicator of Compromise), network traffic patterns and any other collected data in order to get a real advantage against cyber-enemies. This is where threat intelligence comes into play, but unfortunately, not all the companies have enough budget to spend on Threat Intelligence Platform and Programs (TIPP); this is the main motivation behind OSTrICa's development. OSTrICa is a free and open source framework that allows everyone to automatically collect and visualize any sort of threat intelligence data harvested (IoCs), from open, internal and commercial sources using a plugin based architecture. The collected intelligence can be analyzed and used to enhance cybersecurity defenses.

FEATURES

ALTERNATIVES

A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.

Intelligence feeds for cybersecurity professionals to stay informed about emerging threats and trends.

Automatically curate open-source Yara rules and run scans with YAYA.

Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.

Robust Python SDK and Command Line Client for interacting with IntelOwl's API.

Repository of YARA rules for identifying and classifying malware.

A collection of tools and resources for threat hunters.

The Ransomware Tool Matrix is a repository that lists and categorizes tools used by ransomware gangs, aiding in threat hunting, incident response, and adversary emulation.