Some cool links for anyone who would like to understand or get into the field of Cyber Threat Intelligence / CTI.
Updated Jul 20, 2022
Resources for FIRST CTI Conference 2023 presentation
Python script for ingesting IOCs from PRODAFT USTA to Azure Sentinel
Extracts the usernames attempted by a compromised host. This information is obtained from the comments of Abuse IP DB reports.
ScaryCon is a South African conference promoted by ScaryByte to demonstrate cybersecurity and cyber intelligence in its reality.
Data Analysis of iSoon's Leaked Data Dump
Criminal IP is a comprehensive OSINT-based Cyber Threat Intelligence (CTI) search engine that can be used as an automated Attack Surface Management solution.
Supporting Cyber Threat Intelligence Tools
Dataset release for our paper, Threat Behavior Textual Search by Attention Graph Isomorphism
This repository contains security detection rules I've created, using the flexible and open Sigma standard, designed to enhance consistency and efficiency in security operations across various log files.
This repository contains the code of MalwareInfrastructureHunter (MIH). The code lets you add your own Censys queries and extract malware infrastructure (other hosts), look up the reputation of the identified hosts (VirusTotal, AbuseIPDB), and identify files communicating with these hosts (VirusTotal).
An automated Cyber Threat Intelligence (CTI) apparatus, implemented via a suite of Free & Open-source Software (FOSS)
ttpnav is a Python library that simplifies navigating MITRE ATT&CK data, enabling users to effortlessly retrieve comprehensive information about specific techniques with a single query. It provides details on mitigations, detections, procedure examples, groups, and related software/tools, streamlining cybersecurity analysis.
A static HTML page for quick OSINT pivoting.
Phishing URL detector detects cyber thefts and cyber frauds using machine learning and data science technology. Tech used: Python, Django (backend), SQLite, IBM Cloud, data science, machine learning.
The NSE Script plugin integrates with Criminal IP CTI search engine for network scanning, showing IP details like WHOIS, running products, versions, CVEs, etc.
Mitre Framework Based Quantitative Risk Simulation
SACTI - Securely aggregate CTI sightings and report them on MISP