MISP (core software) - Open Source Threat Intelligence and Sharing Platform

Extract and aggregate threat intelligence.

Open Source Platform for storing, organizing, and searching documents related to cyber threats

An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Intelligence.

🦊 DISINFOX is a threat intelligence exchange platform for disinformation implementing the DISARM framework at its core.

Seamless Threat Intelligence Platform

Web-based IOC management platform with threat intelligence enrichment for SOC teams

Modular OSINT and attack surface analysis platform for authorized security research, with risk scoring, attack paths, and report generation.

Automated IP blacklist aggregator from 23 threat intelligence sources - updated hourly via GitHub Actions

A 90s-themed dashboard for live threat intel from AlienVault OTX. Includes file/URL scanning, custom charting, and hacker-style UI.

A companion piece to the IEEE paper of the same name.

KATANA is an advanced Threat Intelligence & Active Defense platform for Sophos Firewalls. Built for SOC analysts, it features offline forensic log analysis, PyQt6 data visualization, and automated live mitigation (AEGIS).

Code samples of querying the Domain Reputation API service of Threat Intelligence Platform.

MISP usage statistics using bokeh (as a static webpage)

RedditCheck Crawling Service

SATRAP-DL (Semi-Automated Threat Reconnaissance and Analysis Powered by DECIPHER Logic), part of project CyFORT, offers a suite of tools for computer-aided CTI analysis and automated incident handling informed by CTI, provided respectively by its sub-systems SATRAP and DECIPHER.

A C# client for Vertex Synapse

Masters thesis in cyber security on malicious domains detection. Center core API. Mirror from GitLab.

threatXmanager is an open source SDK by CorreaCyberLabsLTD for cyber threat intelligence management and incident response. Built on a STIX2 schema, it centralizes observables analysis and integrates with tools like MISP, TheHive, and MITRE ATT&CK.