TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Real-time HTTP Intrusion Detection

Cortex: a Powerful Observable Analysis and Active Response Engine

Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.

Awesome Security lists for SOC/CERT/CTI

Repository of YARA rules made by Trellix ATR Team

Automatically created C2 Feeds

Awesome list of keywords and artifacts for Threat Hunting sessions

Documentation of TheHive

The OSINT Omnibus (beta release)

本项目致力于收集网上公开来源的威胁情报，主要关注信誉类威胁情报（如IP/域名等），以及事件类威胁情报。

Bringing you the best of the worst files on the Internet.

👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.

Extract indicators of compromise from text, including "escaped" ones.

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

Open Dataset of Cobalt Strike Beacon metadata (2018-2022)

Historical list of {Cobalt Strike,NanoHTTPD} servers

Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)

Explore Indicators of Compromise Automatically

BlackBerry Threat Research & Intelligence