misp
There are 194 repositories under misp topic.
MISP/MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
eset/malware-ioc
Indicators of Compromises (IOC) of our various investigations
Bert-JanP/Hunting-Queries-Detection-Rules
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
thalesgroup-cert/Watcher
Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
InQuest/ThreatIngestor
Extract and aggregate threat intelligence.
Bert-JanP/Open-Source-Threat-Intel-Feeds
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.
MISP/misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
MISP/misp-galaxy
Clusters and elements to attach to MISP events or attributes (like threat actors)
MISP/PyMISP
Python library using the MISP Rest API
V1D1AN/S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
TheHive-Project/TheHiveDocs
Documentation of TheHive
OpenCTI-Platform/connectors
OpenCTI Connectors
cloudtracer/ThreatPinchLookup
Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
MISP/misp-modules
Modules for expansion services, enrichment, import and export in MISP and other tools.
MISP/x_old_misp_docker
MISP Docker (XME edition)
tenzir/threatbus
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
MISP/misp-book
User guide of MISP
coolacid/docker-misp
A (nearly) production ready Dockered MISP
MISP/misp-dashboard
A live dashboard for a real-time overview of threat intelligence from MISP instances
harvard-itsecurity/docker-misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
pe3zx/mthc
All-in-one bundle of MISP, TheHive and Cortex
MISP/misp-playbooks
MISP Playbooks
MISP/MISP-maltego
Set of Maltego transforms to inferface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
davidonzo/Threat-Intel
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
tylabs/dovehawk
Dovehawk is a Zeek module that automatically imports MISP indicators and reports Sightings
MISP/docker-misp
Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
MISP/misp-objects
Definition, description and relationship types of MISP objects
cerebrate-project/cerebrate
Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
MISP/MISP-Taxii-Server
An OpenTAXII Configuration for MISP
0xThiebaut/sigmai
Import specific data sources into the Sigma generic and open signature format.
jonrau1/SyntheticSun
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and, serverless technologies to continuously prevent, detect and respond to threats.
conix-security/BTG
BTG's purpose is to make fast and efficient search on IOC
MISP/misp-cloud
misp-cloud - Cloud-ready images of MISP
MISP/mail_to_misp
Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.