Microsoft Sentinel and Microsoft 365 Defender
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
Proactive threat management identifies, assesses, and neutralizes cyber risks for robust defense.
A daily collection of IOCs from various sources, including articles and tweets.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
A database of Tor exit nodes with their corresponding IP addresses and timestamps.
PolySwarm is a malware intelligence marketplace that aggregates threat detection engines to provide early detection, unique samples, and higher accuracy.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
Tools to export data from MISP MySQL database for post-incident analysis and correlation.
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
A tool for extracting IOCs from various input sources and converting them into JSON format.
Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.
A TAXII 2 server for interacting with TAXII services.
Curated datasets for developing and testing detections in SIEM installations.
An open-source threat intelligence gathering and processing framework.
Public access to Indicators of Compromise (IoCs) and other data for readers of SecurityScorecard's technical blog posts and reports.
Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.
CAPEC™ is a comprehensive dictionary of known attack patterns used by adversaries to exploit weaknesses in cyber-enabled capabilities.
Cyber Intelligence Management Platform with threat tracking, forensic artifacts, and YARA rule storage.
A modular malware collection and processing framework with support for various threat intelligence feeds.
A tool designed to extract additional value from enterprise-wide AppCompat / AmCache data.