ThreatTracker
ThreatTracker is an IOC tracker written in Python that periodically queries 4 Google Custom Search Engines to identify new AV definitions, malware sample submissions, malicious URLs and domains, and performs Reverse WHOIS lookup. It also monitors domain status using the Google Safe Browsing Lookup API and Google Safebrowsing Diagnosis Page. Requirements include Google APIs Client Library for Python, 1 Gmail account (to act as sender), and Google API key(s). To use the script, rules must be created in the /rules directory. Note: A sample rule (for tracking Dridex) is provided to highlight the required format. This project is still in beta, so bug reports are welcome. For questions, new data sources, or ideas, feel free to email the developer.
FEATURES
ALTERNATIVES
A repository of freely usable Yara rules for detection systems, with automated error detection workflows.
Stixview is a JS library for embeddable interactive STIX2 graphs, aiming to bridge the gap between CTI stories and structured CTI snapshots.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
Aggregator of FireHOL IP lists with HTTP-based API service and Python client package.
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
A robust Python implementation of TAXII Services with a friendly pythonic API.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.