Umbrella Investigate provides an API that allows querying for: Domain categorization, Security information about a domain, Co-occurrences for a domain, Related domains for a domain, Domains related to an IP, Domain tagging dates for a domain, DNS RR history for a domain, WHOIS information, WHOIS information for an email, WHOIS information for a nameserver, Historical WHOIS information for a domain, Latest malicious domains for an IP. To use the Investigate API wrapper import InvestigateApi class from threat_intel.opendns module: from threat_intel.opendns import InvestigateApi. To initialize the API wrapper you need the API key: investigate = InvestigateApi("<INVESTIGATE-API-KEY-HERE>"). You can also specify a file name where the API responses will be cached in a JSON file, to save you the bandwidth for the multiple calls about the same domains or IPs: investigate = InvestigateApi("<INVESTIGATE-API-KEY-HERE>", cache_file_name="/tmp/cache.opendns.json"). Domain categorization Calls domains/categorizat
FEATURES
ALTERNATIVES
An informational repo about hunting for adversaries in your IT environment.
A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.
RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
A collection of public YARA signatures for various malware families.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.