Windows-Hunting
A repository to aid Windows threat hunters in looking for common artifacts.
A TAXII 2 server based on Node.js with a MongoDB backend, designed for preview purposes only. Requires a modern Linux installation with specific packages installed. Provides endpoints for interacting with TAXII services.
Facilitates distribution of Threat Intelligence artifacts to defensive systems.
A daily collection of IOCs from various sources, including articles and tweets.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.