OSTrICa
OSTrICa stands for Open Source Threat Intelligence Collector and is an Open Source plugin-oriented framework to collect and visualize Threat Intelligence Information. Furthermore, OSTrICa is also the Italian word for oyster: that's where the logo come from. SOC analysts, incident responders, attack investigators or cyber-security analysts need to correlate IoCs (Indicator of Compromise), network traffic patterns and any other collected data in order to get a real advantage against cyber-enemies. This is where threat intelligence comes into play, but unfortunately, not all the companies have enough budget to spend on Threat Intelligence Platform and Programs (TIPP); this is the main motivation behind OSTrICa's development. OSTrICa is a free and open source framework that allows everyone to automatically collect and visualize any sort of threat intelligence data harvested (IoCs), from open, internal and commercial sources using a plugin based architecture. The collected intelligence can be analyzed and used to enhance cybersecurity defenses.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
Akamai Hunt is a managed threat hunting service that detects and remediates evasive security risks in network environments using data analysis, AI, and expert investigation.
InSights by InQuest is a threat intelligence platform that delivers curated feeds of IOCs and C2 information to help security teams detect and respond to emerging threats.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Real-time, container-based file scanning system for threat hunting and incident response.
Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.
A collection of APT and cybercriminals campaigns with various resources and references.
LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.