Displaying 1 to 6 from 6 results

MISP - MISP (core software) - Open Source Threat Intelligence Platform (formely known as Malware Information Sharing Platform)

  •    PHP

MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently. The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System (NIDS), LIDS but also log analysis tools, SIEMs.

misp-book - User guide of MISP

  •    CSS

User guide for MISP (Malware Information Sharing Platform) - An Open Source Threat Intelligence Sharing Platform. This user guide is intended for ICT professionals such as security analysts, security incident handlers, or malware reverse engineers who share threat indicators using MISP or integrate MISP into other security monitoring tools. The user guide includes day-to-day usage of the MISP's graphical user interface along with its automated interfaces (API), in order to integrate MISP within a security environment. and many other contributors especially the ones during the MISP hackathons.

misp-compliance - Legal, procedural and policies document templates for operating MISP and information sharing communities

  •    

Legal, procedural and policies document templates for operating MISP and information sharing communities following existing regulations, laws or policies. This repository is a collaborative effort to improve the state of information sharing and exchange within and outside the MISP Project.

misp-objects - Definition, description and relationship types of MISP objects

  •    Python

MISP objects used in MISP (starting from 2.4.80) system and can be used by other information sharing tool. MISP objects are in addition to MISP attributes to allow advanced combinations of attributes. The creation of these objects and their associated attributes are based on real cyber security use-cases and existing practices in information sharing. Feel free to propose your own MISP objects to be included in MISP. The system is similar to the misp-taxonomies where anyone can contribute their own objects to be included in MISP without modifying software.




misp-takedown - A curses-style interface for automatic takedown notification based on MISP events.

  •    Python

A curses-style interface for generating automatic takedown notifications through RT/RTIR using MISP events as input. This code is a surprisingly well working result of an experiment. However, the code needs improvements here and there. Also, the installation process regarding urlabuse, uwhoisd, MISP and RT/RTIR is not the most straight forward. We'd be happy to find contributors for code improvements and installation documentation. Both could be part of an internship at CIRCL. Reach out if you are interested.

MISP-Taxii-Server - An OpenTAXII Configuration for MISP

  •    Python

A set of configuration files to use with EclecticIQ's OpenTAXII implementation, along with a callback for when data is sent to the TAXII Server's inbox. You'll then need to set up your TAXII database. As you're using MISP, you'll likely already have a MySQL environment running.