Awesome Open Source
Search results for python threat
292 search results found
E-mails, subdomains and names Harvester - OSINT
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
Modular and decentralised honeypot
Your Everyday Threat Intelligence
Microsoft Threat Intelligence Security Tools
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
CLI tool for open source and threat intelligence
a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
The Correlated CVE Vulnerability And Threat Intelligence Database API
A Pythonic framework for threat modeling
Atomic Threat Coverage
Actionable analytics designed to combat threats
Real-time, container-based file scanning at enterprise scale
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
Extract and aggregate threat intelligence.
CRITs - Collaborative Research Into Threats
Tool to gather Threat Intelligence indicators from publicly available sources
A Network Packet Sniffing tool developed in Python 3.
Scripts and a (future) library to improve users' interactions with the ATT&CK content
The openSquat project is an open-source solution for detecting phishing domains and domain squatting. It searches for newly registered domains that impersonate legitimate domains on a daily basis. This project aims to help protect individuals and organizations from cyber threats by identifying and alerting them to potentially malicious domains.
Attack Control Framework Mappings
Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
Cdda Game Launcher
A Cataclysm: Dark Days Ahead launcher with additional features
Mirror of Apache Spot
Threat Hunting tool about Sysmon and graphs
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Detection script for the ROBOT vulnerability
🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
Taxonomies used in the MISP taxonomy system, which can also be used by other information sharing tools.
Threat Model Cookbook
This project is about creating and publishing threat model examples.
Analyze, extract and visualize features, artifacts and IoCs of files and memory dumps (Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more)
Libtech Auditing Cheatsheet
This project consists of an open source library allowing software to connect to data repositories using STIX Patterning, and return results as STIX Observations.
CIF v3 -- the fastest way to consume threat intelligence
Collecting & Hunting for IOCs with gusto and style
Threat Feed Aggregation, Made Easy
PatrowlHears - Vulnerability Intelligence Center / Exploits
Set of Maltego transforms to interface with a MISP Threat Sharing instance, and also to explore the whole MITRE ATT&CK dataset.
A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
Open Source SIEM (Security Information and Event Management system).
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Amazon Guardduty Hands On
This repo can be used to quickly get hands on experience with Amazon GuardDuty by guiding you through enabling the detector, generating a variety of findings, and remediating those findings with Lambda functions.
DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection
EXIST is a web application for aggregating and analyzing cyber threat intelligence.
Serverless, low cost, threat intel aggregation for enterprise or personal use, backed by ElasticSearch.
Threat Intelligence Hunter
TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs. The idea behind the tool is to facilitate searching and storing of frequently added IOCs for creating your own local database of indicators.
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
threatspec - continuous threat modeling, through code
A web-based tool to assist the work of the intuitive threat analysts.
The script helps security analysts identify misconfigured Firebase instances.
A low (zero) cost threat intelligence & response tool against phishing domains
OSINT Threat Intel Interface - CLI for HoneyDB
PROJECT PAUSED 1/11/22, Tracking Threat Actor Emails in Phishing Kits. CC @PhishKitTracker on twitter if you find a #threatactoremail in #phishingkit , maintained by @neonprimetime
OpenVAS Reporting: Convert OpenVAS XML report files to reports
Microsoft Threat Intelligence
Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
QRadio ~ Best Threat Intelligence Radio ~ Tune In!
Harbinger Threat Intelligence
STIX Schema Development
Docker Prometheus Cloudflare Exporter
Cloudflare exporter for Prometheus
Filters that process and transform the output of osxcollector
Aggregates security threats from a number of online sources, and outputs to Syslog CEF, Snort Signatures, Iptables rules, hosts.deny, etc.
A python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.
Explore Indicators of Compromise Automatically
Carbon Black Feeds
Sigma Hunting App
A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
Distributing the REconstruction of High-Level IR for Large Scale Malware Analysis
VMC: a Scalable, Open Source and Free Vulnerability Management Platform
Documentation work from the OpenStack Security Group (OSSG). Mirror of code maintained at opendev.org.
The FASTEST way to consume threat intel.
threat language parser
"Linking Threat Tactics, Techniques, and Patterns with Defensive Weaknesses, Vulnerabilities and Affected Platform Configurations for Cyber Hunting" by Erik Hemberg, Jonathan Kelly, Michal Shlapentokh-Rothman, Bryn Reinstadler, Katherine Xu, Nick Rutar, Una-May O'Reilly
Threatbutt python client and Maltego transforms
A set of Python scripts for finding threats in Office365
Interfaces for defining Robust ML models and precisely specifying the threat models under which they claim to be secure.
Threat Hunting With Notebooks
Repository with Sample threat hunting notebooks on Security Event Log Data Sources
Qradar Threat Intelligence On The Cheap
Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs
Seamless Threat Intelligence Platform
Consolidation of various resources related to Microsoft Sysmon & sample data/log
Threat Actor Intelligence Server
A simple ReST server to look up threat actors (by name, synonym or UUID) and return the corresponding MISP galaxy information about the known threat actors.
Threat Intel Api
This repository contains sample code for threat intelligence providers who provide Quad9 with a threat intelligence feed. Contact Quad9 for a valid API Key.
check_IP judges whether an IP is malicious based on open threat intelligence; it uses the open-source threat intelligence source AlienVault to check IP addresses and domain names for maliciousness.
YaraScanner is a file pattern-matching tool based on YARA rules.
Recyclomedia is a digital platform that aims to save the planet from pollution which is the major threat to the functioning of earth.
This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quickly quantify, rank, order, compare, or visualise threat actors' demonstrated operational capacities. In other words, it is meant to answer questions like 'Which APT produces the most binaries yearly', or 'Which APT uses the most domains'.
Tool used to perform threat intelligence against packet data
Cyber Threat Intelligence - Toolbox
Ens Adv Train Attack
Circumventing the defense in "Ensemble Adversarial Training: Attacks and Defenses"
ExaBGP based automated blocklist for Spamhaus DROP/EDROP and Emerging Threats blocklists for Ubiquiti EdgeRouters (and possibly Vyatta vRouters)
CrowdStrike Threat Intelligence
Threat Intelligence distribution
1-100 of 292 search results
Copyright 2018-2023 Awesome Open Source. All rights reserved.