The knowledge base reference to the MeliCERTes project

License: Creative Commons Zero v1.0 Universal (CC0-1.0)

MeliCERTes Project - knowledge base

The knowledge base includes all the references to the software and components included in MeliCERTes. As the MeliCERTes CSP is composed of various projects, this repository gives easy access to the documentation available for users, developers and contributors of the MeliCERTes CSP project.

Overall philosophy

Cerebrate is the central component of the MeliCERTes ecosystem, providing directory services, meta-information related to information sharing, and orchestration services for the local tools it interconnects with. All of the local tool components of MeliCERTes are autonomous and can work without Cerebrate, with the latter providing services to facilitate the management and configuration of the connected tools. The architecture provides a high level of resilience without sacrificing each organisation's ability to pick and choose the components it wishes to run based on its specific needs.

Cerebrate

Official link cerebrate
Description The Cerebrate Sync Platform core software. Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
Install Documentation INSTALL
Hardware Requirements Requirements
User Documentation
FAQ
Issues Cerebrate Issues
Training materials Cerebrate Training Materials
Virtual Image

MISP

Official link MISP
Description MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formerly known as Malware Information Sharing Platform)
Install Documentation INSTALL
Hardware Requirements Requirements
User Documentation misp-book
FAQ FAQ
Issues MISP Issues
Training materials MISP Training Materials
Virtual Image MISP VM
Security Reporting and Issues security

IntelMQ

Official link IntelMQ
Description IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Install Documentation https://intelmq.readthedocs.io/en/latest/user/installation.html
Hardware Requirements Requirements
User Documentation https://intelmq.readthedocs.io/en/latest/#user-guide
FAQ https://intelmq.readthedocs.io/en/latest/user/FAQ.html
Issues https://github.com/certtools/intelmq/issues
Training materials https://github.com/certtools/intelmq-tutorial/
Virtual Image
Security Reporting and Issues Security

MWDB Core

Official link MWDB Core
Description Malware repository component for automated malware collection/analysis systems.
Install Documentation https://mwdb.readthedocs.io/en/latest/setup-and-configuration.html
User Documentation https://mwdb.readthedocs.io/en/latest/user-guide/index.html
FAQ -
Issues https://github.com/CERT-Polska/mwdb-core/issues
Training materials https://www.first.org/events/training/ws-mar-apr2021/#pBuild-Your-Own-Malware-Analysis-Pipeline-Using-New-Open-Source-Tools
Virtual Image -
Security Reporting and Issues -

Karton

Official link Karton
Description Distributed malware processing framework based on Python, Redis and MinIO.
Install Documentation https://karton-core.readthedocs.io/en/latest/getting_started.html
User Documentation https://karton-core.readthedocs.io/
FAQ -
Issues https://github.com/CERT-Polska/karton/issues
Training materials https://www.first.org/events/training/ws-mar-apr2021/#pBuild-Your-Own-Malware-Analysis-Pipeline-Using-New-Open-Source-Tools
Virtual Image -
Security Reporting and Issues -

AIL Project

Official link AIL Project
Description AIL Project is an open source framework composed of different modules to collect, crawl, dig and analyse unstructured data. AIL includes an extensible Python-based framework for the analysis of unstructured information collected via an advanced Crawler manager (such as Tor hidden services), from different feeders (such as Twitter, Discord, Telegram Stream providers) or from custom feeders.
Install Documentation INSTALL
Hardware Requirements
User Documentation
FAQ
Issues AIL Project issues
Training materials AIL training materials
Virtual Image
Security Reporting and Issues security

Taranis NG

Official link Taranis NG
Description Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows OSINT gathering, analysis and reporting; team-to-team collaboration; and contains a user portal for simple self asset management.
Install Documentation INSTALL
Hardware Requirements Requirements
User Documentation -
FAQ -
Issues Taranis NG issues
Training materials -
Virtual Image -
Security Reporting and Issues security