We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
MISP - MISP (core software) - Open Source Threat Intelligence Platform (formely known as Malware Information Sharing Platform)
MISP, is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threat about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reverser to support their day-to-day operations to share structured informations efficiently. The objective of MISP is to foster the sharing of structured information within the security community and abroad. MISP provides functionalities to support the exchange of information but also the consumption of the information by Network Intrusion Detection System (NIDS), LIDS but also log analysis tools, SIEMs.
misp threat-sharing threat-hunting threatintel malware-analysis stix information-exchange fraud-management tip security cti cybersecurity fraud-detection fraud-prevention threat-analysis information-security information-sharing threat-intelligence threat-intelligence-platform intelligencecti - Cyber Threat Intelligence Repository expressed in STIX 2.0
The Cyber Threat Intelligence Repository of ATT&CK and CAPEC catalogs expressed in STIX 2.0 JSON. See USAGE for information on using this content with python-stix2. ATT&CK is a catalog of techniques and tactics that describe post-compromise adversary behavior on typical enterprise IT environments. The core use cases involve using the catalog to analyze, triage, compare, describe, relate, and share post-compromise adversary behavior.
stix cti cyber-threat-intelligence attackstix2patterns_translator - Translate STIX 2 Patterning Queries
This repository contains a prototype analytic translator that converts STIX2 Patterning queries into other query languages, currently ElasticSearch and Splunk. In addition to translating query syntax, the translator will also translate from STIX 2's Data Model to other target data models, currently MITRE's Cyber Analytic Repository (CAR) and Splunk's Common Information Model (CIM). Both the query language translation and the data model translation are implemented as loosely-coupled modules and other targets can be added simply by implementing new modules to generate them. This functionality was originally developed for MITRE's CASCADE project. This repository offers CASCADE's translation capability as a standalone feature, and replaces CASCADE's own domain-specific language (DSL) with STIX 2.0 Patterning.
stixmisp-galaxy - Clusters and elements to attach to MISP events or attributes (like threat actors)
MISP galaxy is a simple method to express a large object called cluster that can be attached to MISP events or attributes. A cluster can be composed of one or more elements. Elements are expressed as key-values. There are default vocabularies available in MISP galaxy but those can be overwritten, replaced or updated as you wish. Existing clusters and vocabularies can be used as-is or as a template. MISP distribution can be applied to each cluster to permit a limited or broader distribution scheme.
threat-hunting information-exchange misp classification misp-galaxy default-stix-vocabulary threat-actors stix threat-intelligence adversariesMISP-STIX-Converter - A utility repo to assist with converting between MISP and STIX formats
This is the open-sourced version of BAE Systems' internal sync script. It's a bit limited, and it isn't perfect, nor is it bug-free. should have you covered. This relies on me actually updating PyPI every time I update the project, so I'd use the git repo wherever possible.
misp stix threat-sharing conversionMISP-Taxii-Server - An OpenTAXII Configuration for MISP
A set of configuration files to use with EclecticIQ's OpenTAXII implementation, along with a callback for when data is sent to the TAXII Server's inbox. You'll then need to set up your TAXII database. As you're using MISP, you'll likely already have a MySQL environment running.
misp taxii-server taxii-hooks information-exchange information-sharing stixkraut_salad - Proof of concept implementation of a cyber threat intelligence and incident handling platform
Currently, the basic database design is complete and a first parser for MITRE' STIX and CybOX cyber threat intelligence exchange formats is written. Kraut Salad is supposed to be a proof of concept implementation to determine if a relational database model is feasible or not. Therefore, Kraut Salad only implements a subset of the MITRE standard and still requires some CybOX objects to be implemented. Please refer to requirements.txt for an updated list of required packages.
threat-intelligence stix cybox
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
