ThreatTracker Logo

ThreatTracker

0
Free
Visit Website

ThreatTracker is an IOC tracker written in Python that periodically queries 4 Google Custom Search Engines to identify new AV definitions, malware sample submissions, malicious URLs and domains, and performs Reverse WHOIS lookup. It also monitors domain status using the Google Safe Browsing Lookup API and Google Safebrowsing Diagnosis Page. Requirements include Google APIs Client Library for Python, 1 Gmail account (to act as sender), and Google API key(s). To use the script, rules must be created in the /rules directory. Note: A sample rule (for tracking Dridex) is provided to highlight the required format. This project is still in beta, so bug reports are welcome. For questions, new data sources, or ideas, feel free to email the developer.

FEATURES

ALTERNATIVES

In-depth analysis of real-world attacks and threat tactics

A project focusing on understanding and combating threats to the Internet economy and net citizens.

Yara rule generator using VirusTotal code similarity feature code-similar-to.

Python-based client for IBM XForce Exchange with an improved version available.

RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.

A tool designed to extract additional value from enterprise-wide AppCompat / AmCache data

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.

PINNED