threatintelligence

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

Actionable analytics designed to combat threats

This repository contains indicators of compromise (IOCs) of our various investigations.

A collection of intelligence about Log4Shell and its exploitation activity.

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

BlackBerry Threat Research & Intelligence

A reverse search tool for OSINT (Open Source Intelligence) gathering & facial recognition via Google Custom Search & Google Vision API's.

Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack

Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.

A collection of intel and usernames scraped from various cybercrime sources & forums. DarkForums, HackForums, Patched, Cracked, BreachForums, LeakBase, & more

Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.

A collection of Go tools I make while I learn a little about GoLang.

A BASH script to automate simple tasks related to static malware analysis

IOCs that appear in this repository are meant to be long-lasting indicators of compromise.

Publicly available threat intelligence reports

NGSOTI

A new way for you to structure your threat content.

Mirror for TLP:WHITE papers