TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
Spyre is a simple host-based IOC scanner built around the YARA pattern matching engine and other scan modules. The main goal of this project is easy operationalization of YARA rules and other indicators of compromise. Users need to bring their own rule sets. Spyre is intended to be used as an investigation tool by incident responders, not as an endpoint protection service. Getting Started: Using Spyre is easy - add YARA signatures. In its default configuration, Spyre will read YARA rules for file and process scanning from filescan.yar and procscan.yar, respectively. Various options exist for providing rules files to Spyre.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
Automatically curate open-source Yara rules and run scans with YAYA.
A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
Open-source initiative providing malicious and benign datasets to expedite data analysis and threat research.
Collect various intelligence sources for hosts in CSV format.