OpenPhish
OpenPhish provides real-time phishing trends, detecting new phishing URLs and targeting various brands.
Stixview is a JS library for embeddable interactive STIX2 graphs. In addition, jupyter-widget-stixview is a Jupyter notebook widget that uses Stixview to render STIX2 graphs. CTI (Cyber Threat Intelligence) is very much about telling stories. Information becomes intelligence when it is complimented with a context and is placed in a story. These stories are usually crystallised in the reports by an intelligence provider and disseminated to the customers. If intelligence provider cares about structured machine-readable CTI, the reports produced will be supplemented with STIX2 bundles. There is a gap there between a story, narrated in a report, and a structured CTI snapshot, represented by a STIX2 bundle. The objective of Stixview library is to provide easily embeddable STIX2 graphs with necessary level of interactivity, so that CTI community can create informative and engaging stories. Demos: - STIX2.1 demo — sample graph with all STIX 2.1 objects. - Storyline — multiple graphs per page, rendering selected entities from the same STIX bundle. - Viewer — graph viewer with custom controls. - Drag-n-drop — graph views
OpenPhish provides real-time phishing trends, detecting new phishing URLs and targeting various brands.
FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity
Repository of Yara signatures for detecting targeted attacks on civil society organizations
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
Real-time monitoring tool for newly issued SSL certificates.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.