cyber-threat-intelligence
There are 243 repositories under cyber-threat-intelligence topic.
intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
mitre-attack/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
mitre/cti
Cyber Threat Intelligence Repository expressed in STIX 2.0
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
mytechnotalent/Hacking-Windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
mitre-attack/car
Cyber Analytics Repository
mitre-attack/attack-scripts
Scripts and a (future) library to improve users' interactions with the ATT&CK content
center-for-threat-informed-defense/attack-flow
Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flows for a small corpus of incidents, and creating visualization tools to display attack flows.
mxm0z/awesome-intelligence-writing
Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc
mitre-attack/attack-website
MITRE ATT&CK Website
center-for-threat-informed-defense/attack-control-framework-mappings
šØATTENTIONšØ The NIST 800-53 mappings have migrated to the Centerās Mappings Explorer project. See README below. This repository is kept here as an archive.
mitre-attack/mitreattack-python
A python module for working with ATT&CK
center-for-threat-informed-defense/tram
TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE ATT&CKĀ®.
TheHive-Project/Cortex-Analyzers
Cortex Analyzers Repository
oasis-open/cti-python-stix2
OASIS TC Open Repository: Python APIs for STIX 2
mitre-attack/attack-stix-data
STIX data representing MITRE ATT&CK
center-for-threat-informed-defense/cti-blueprints
CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable reports more consistently and efficiently.
eclecticiq/OpenTAXII
TAXII server implementation in Python from EclecticIQ
duggytuxy/malicious_ip_addresses
Lists of addresses of the most active C2, Botnets, Zombies, Scanners in European Cyber Space
travisbgreen/hunting-rules
Suricata rules for network anomaly detection
jackaduma/SecBERT
pretrained BERT model for cyber security text, learned CyberSecurity Knowledge
center-for-threat-informed-defense/insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
oasis-open/cti-stix-visualization
OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships
intelowlproject/GreedyBear
Threat Intel Platform for T-POTs
oasis-open/cti-taxii-server
OASIS TC Open Repository: TAXII 2 Server Library Written in Python
center-for-threat-informed-defense/top-attack-techniques
Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CKĀ® with a prioritized top 10 list of techniques to focus on first.
oasis-open/cti-stix2-json-schemas
OASIS TC Open Repository: Non-normative schemas and examples for STIX 2
vlegoy/rcATT
A python app to predict Att&ck tactics and techniques from cyber threat reports
oasis-open/cti-taxii-client
OASIS TC Open Repository: TAXII 2 Client Library Written in Python
curated-intel/Initial-Access-Broker-Landscape
A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
gertjanbruggink/metrics
This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
oasis-open/cti-documentation
OASIS TC Open Repository: GitHub Pages site for STIX and TAXII
OsmanKandemir/indicator-intelligence
Finds related domains and IPv4 addresses to do threat intelligence after Indicator-Intelligence collects static files.
paulveillard/cybersecurity-SOAR
A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).
BushidoUK/Exploring-APT-campaigns
Further investigation in to APT campaigns disclosed by private security firms and security agencies