IntelMQ
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.
Threatnote.io is a comprehensive Threat Intelligence Program Management Solution that helps manage the entire CTI lifecycle. It offers features such as tracking threat hunting activity, managing intelligence requirements and stakeholders, beautiful stakeholder reporting, a collection management framework, and integrations with various third-party tools and services. Additionally, it provides actor tracking and a rule repository, and supports multiple syntax formats. It also enables enrichment of data by connecting with various tools and services, giving stakeholders more visibility and showcasing the value of the CTI program. The platform supports tracking threat groups that target specific verticals, documenting threats faced by industries, identifying and managing MITRE ATT&CK TTPs, associating threat hunts with threat groups, and tracking targeted regions and sectors for analytics.
A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.
A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.
Gathers Threat Intelligence Feeds from publicly available sources and provides detailed output in CSV format.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
A Python library for handling TAXII v1.x Messages and invoking TAXII Services.