misp

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Indicators of Compromises (IOC) of our various investigations

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

ThePhish: an automated phishing email analysis tool

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Extract and aggregate threat intelligence.

This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Clusters and elements to attach to MISP events or attributes (like threat actors)

Python library using the MISP Rest API

OpenCTI Connectors

This project is a SIEM with SIRP and Threat Intel, all in one.

Documentation of TheHive

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension

Modules for expansion services, enrichment, import and export in MISP and other tools.

MISP Docker (XME edition)

User guide of MISP

🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.

A (nearly) production ready Dockered MISP