IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Updated May 10, 2024 - Python
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Awesome CSIRT is a curated list of links and resources in security and CSIRT daily activities.
Distributed malware processing framework based on Python, Redis and S3.
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
File type classifier for the Karton framework.
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes.
File and analysis artifacts yara matcher for Karton framework
BGP ranking is free software to calculate the security ranking of Internet Service Providers (ASN)
Toolkit for responding to a cybersecurity incident, with key elements for managing and analyzing artifacts from a computer intrusion.
A small Flask application that allows for Karton task and queue introspection.
Static configuration extractor for the Karton framework
Extractor of various archive formats for Karton framework
Tools used by CSIRT and especially in the scope of CNW
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
CSV processing and web related data types mutual conversion