ThreatConnect playbook to read a Google Alerts RSS feed and create indicators from the links.
Updated Jan 4, 2018
OpenSource /Malware Analysis Pipeline System
threatnote | Cyber Threat Intelligence Notebook
Insight aids in profiling a host by searching several online services for information about an IP or domain name.
Golang implementation of PyMISP-feedgenerator
www.spencerwalden.net. Spencer Walden's Infosec blog
Automated Collection of Threat Intel Feeds
Threat analyses I have done involving phishing, malware, social engineering, etc.
PowerShell module for creating and managing Sysinternals Sysmon config files.
Samples to develop an OSINT API using AWS Lambda and API Gateway
CTI Reporter is a small Flask wiki to help index threat intelligence data
Technical Analysis of Bibi-Windows Wiper Targeting Israeli Organizations
MISP Chrome plugin for adding and looking up indicators
[ARCHIVED] Basic pathways for transforming threat data into threat intelligence: https://fhightower.gitbooks.io/threat-intelligence-investigation-paths/content/
ThreatConnect playbook checking if a URL has been archived in the Wayback Machine.