#Cyber-threat-intelligence
Showing 56 of 56 repositories tagged #cyber-threat-intelligence, ranked by stars
IntelOwl: manage your Threat Intelligence at scale
Web app that provides basic navigation and annotation of ATT&CK matrices
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
Cyber Analytics Repository
This Repository is a collection of different ethical hacking tools and malware's for penetration testing and research purpose written in python, ruby, rust, c++, go and c.
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
A python module for working with ATT&CK
A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services.
STIX data representing MITRE ATT&CK
Scripts and a (future) library to improve users' interactions with the ATT&CK content
Data-Shield IPv4 Blocklist Community provides an official, curated registry of IPv4 addresses identified as malicious. Updated continuously, this resource offers vital threat intelligence to bolster your Firewall and WAF instances,...
MITRE ATT&CK Website
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CKยฎ.
๐จATTENTION๐จ The NIST 800-53 mappings have migrated to the Centerโs Mappings Explorer project. See README below. This repository is kept here as an archive.
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
Agentic OSINT toolkit. Autonomous identity triangulation, 6-dimension cognitive profiling, breach analysis. CLI-first. 30+ platforms. 5 languages.
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
Threat Intel Platform for T-POTs
Suricata rules for network anomaly detection
OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships
Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CKยฎ with a prioritized top 10 list of techniques to focus on first.
Repository for SOC analysts, queries to investigate, advanced hunting, sites for analysis, malware samples, courses to improve skills, IOC and monitoring.
This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
STIX2 graph visualisation library in JS
Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers
Further investigation in to APT campaigns disclosed by private security firms and security agencies
Extracting Attack Behavior from Threat Reports
This repository contains 130 malware and ransomware samples for research and analysis purposes.
The DNA test for websites
๐จATTENTION๐จ The VERIS mappings have migrated to the Centerโs Mappings Explorer project. See README below. This repository is kept here as an archive.
TIE is a machine learning model for inferring associated MITRE ATT&CK techniques from previously observed techniques.
Chista | Open Threat Intelligence Framework
A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the necessary hardware and setup and finally provide some examples of how you can use the power of Zeek to have absolute control over your network.
ATT&CK Evaluations website (DEPRECATED)
Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
A single script to install important Pentesting Tools and wordlists on Debian based Linux OS.
SEKOIA.IO Documentation - The Intelligence-Driven SaaS SIEM
A collection of awesome software, libraries, learning tutorials, documents and books, technical resources and cool stuff about Blue Team in Cybersecurity.
Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.
OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/cti-stix-generator
This repository contains detailed Capture The Flag (CTF) writeups for challenges completed on CyberDefenders, TryHackMe, BTLO, and more. The writeups are provided in PDF format and cover areas such as digital forensics, malware analysis, network analysis and much more.
Automated threat intel feed parsing and consolidation๐ป๐พ๐ค
Penguin OS Forensic (or Flight) Recorder
Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE ATT&CKยฎ techniques observed to give defenders real data on technique prevalence.
Alguns links legais para quem gostaria de entender mais sobre os fundamentos de CTI. Pra quem gostaria de contribuir, sรณ aceitarei PR relacionado a conteรบdos teรณricos, como blogs, podcasts, videos, livros sendo conteรบdos grรกtis ou baratos.
IOC Data Obtained From Karakurt Hacking Team's Internal Infrastructure
STIX 2.x Java Library
Pipeline for creating shellcode from a nostd rust project.
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Decentralized Cyber Threat Intelligence Kaizen Framework
STIX2 graph widget for Jupyter notebooks, powered by stixview library
A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts.
Practice CTI Quiz