
Stixview

Free

Stixview is a JS library for embeddable interactive STIX2 graphs. In addition, jupyter-widget-stixview is a Jupyter notebook widget that uses Stixview to render STIX2 graphs.

CTI (Cyber Threat Intelligence) is very much about telling stories. Information becomes intelligence when it is complemented with context and placed in a story. These stories are usually crystallised in reports by an intelligence provider and disseminated to customers. If an intelligence provider cares about structured machine-readable CTI, the reports produced will be supplemented with STIX2 bundles. There is a gap between a story, narrated in a report, and a structured CTI snapshot, represented by a STIX2 bundle. The objective of the Stixview library is to provide easily embeddable STIX2 graphs with the necessary level of interactivity, so that the CTI community can create informative and engaging stories.

Demos:
- STIX2.1 demo — sample graph with all STIX 2.1 objects.
- Storyline — multiple graphs per page, rendering selected entities from the same STIX bundle.
- Viewer — graph viewer with custom controls.
- Drag-n-drop — graph views


ALTERNATIVES

Yara rule generator using VirusTotal code similarity feature code-similar-to.

A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.

A collection of public YARA signatures for various malware families.

CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.

A repository to aid Windows threat hunters in looking for common artifacts.

A threat hunting tool for Windows event logs to detect APT movements and decrease the time to uncover suspicious activity.

HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.

A project sharing malicious URLs used for malware distribution to help protect networks.
