OSTrICa Logo

OSTrICa

0
Free
Visit Website

OSTrICa stands for Open Source Threat Intelligence Collector and is an Open Source plugin-oriented framework to collect and visualize Threat Intelligence Information. Furthermore, OSTrICa is also the Italian word for oyster: that's where the logo come from. SOC analysts, incident responders, attack investigators or cyber-security analysts need to correlate IoCs (Indicator of Compromise), network traffic patterns and any other collected data in order to get a real advantage against cyber-enemies. This is where threat intelligence comes into play, but unfortunately, not all the companies have enough budget to spend on Threat Intelligence Platform and Programs (TIPP); this is the main motivation behind OSTrICa's development. OSTrICa is a free and open source framework that allows everyone to automatically collect and visualize any sort of threat intelligence data harvested (IoCs), from open, internal and commercial sources using a plugin based architecture. The collected intelligence can be analyzed and used to enhance cybersecurity defenses.

FEATURES

ALTERNATIVES

Repository of Yara signatures for detecting targeted attacks on civil society organizations

A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.

Vectra AI offers an AI-driven Attack Signal Intelligence platform that uses advanced machine learning to detect and respond to cyber threats across hybrid cloud environments.

Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.

An open source threat intelligence platform for storing and managing cyber threat intelligence knowledge.

CAPECâ„¢ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.

Automatically create yara rules based on images embedded in office documents.

Check if an IP address was used as a Tor relay on a given date.