Oriana
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
A wrapper around the yara-python project that provides change tracking of YARA files, directories, or git repositories; file and data scanning with metadata filtering; distributed scanning processes for multi-core systems; and a command line interface. Python examples include loading a single YARA file and scanning data.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.
A project focusing on understanding and combating threats to the Internet economy and net citizens.
CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
Proof-of-concept implementation of TAXII services for developers and non-developers.