Repository navigation
threatintelligence
- Website
- Wikipedia
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Actionable analytics designed to combat threats
This repository contains indicators of compromise (IOCs) of our various investigations.
A collection of intelligence about Log4Shell and its exploitation activity.
This script will automatically set up an OSINT workstation starting from a Ubuntu OS.
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
BlackBerry Threat Research & Intelligence
A reverse search tool for OSINT (Open Source Intelligence) gathering & facial recognition via Google Custom Search & Google Vision API's.
Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack
Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.
A BASH script to automate simple tasks related to static malware analysis
A collection of Go tools I make while I learn a little about GoLang.
IOCs that appear in this repository are meant to be long-lasting indicators of compromise.
A collection of intel scraped from various cybercrime sources & forums
Publicly available threat intelligence reports
A new way for you to structure your threat content.
A comprehensive security tool for detecting malicious domains that bypass DNS security controls. DNS Gap Hunter evaluates the effectiveness of DNS Firewalls and sinkhole mechanisms by testing them against domains from multiple threat intelligence sources, identifying security gaps, and providing detailed reports.