
Forager
A repository of cybersecurity datasets and tools curated by @sooshie.
Do You Ever Wonder If There's an Easier Way?
Do you ever wonder if there is a simpler method to retrieve, store, and manage all your threat intelligence data? Meet Forager, your new ally. Not every threat intelligence implementation needs a database that is 'correlating trillions of data points.' Sometimes, all you need is a straightforward interface that uses simple TXT files. Forager can pull threat data from various feeds, PDF threat reports, or other data sources with minimal effort. With 15 pre-configured threat feeds at your disposal, you can begin managing your threat intelligence feeds today. Right now. Go for it!
Features Overview
- Retrieve intelligence from URLs using modular feed functions.
- Extract indicators such as domain, md5, sha1, sha256, IPv4, and YARA.
- Search the current intelligence set by a single IP address or by using an IOC file.
- Generate JSON feeds for use with CarbonBlack.
- Provide a simple HTTP JSON feed server for CarbonBlack.
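The extraction and single-IP search features listed above, shown as an added example that is not Forager's own code: it pulls IPv4, domain, md5, sha1 and sha256 indicators out of free text and looks up one address in the result. The function names, regular expressions and sample text are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample text standing in for a feed or report body.
SAMPLE = """\
C2 at 203.0.113.45 and 198.51.100[.]7, staging host update.example[.]com
Dropper md5 d41d8cd98f00b204e9800998ecf8427e
sha1 da39a3ee5e6b4b0d3255bfef95601890afd80709
sha256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Version string 1.2.3.4.5 and bogus address 999.10.10.10 must not match.
"""

# Hash types differ only by hex length; \b stops a sha256 matching as an md5.
HASHES = {"md5": 32, "sha1": 40, "sha256": 64}
# Lookarounds keep dotted version strings such as 1.2.3.4.5 out of the results.
IPV4_RE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?!\.?\d)")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}\b", re.I)


def refang(text):
    """Undo common defanging so 'example[.]com' and 'hxxp' parse normally."""
    return text.replace("[.]", ".").replace("(.)", ".").replace("hxxp", "http")


def extract_indicators(text):
    """Return {type: sorted unique values} for ipv4, domain, md5, sha1, sha256."""
    text = refang(text)
    found = {name: set() for name in ("ipv4", "domain", *HASHES)}
    for name, length in HASHES.items():
        pattern = r"\b[a-fA-F0-9]{%d}\b" % length
        found[name].update(h.lower() for h in re.findall(pattern, text))
    for candidate in IPV4_RE.findall(text):
        try:  # rejects candidates with an octet above 255
            found["ipv4"].add(str(ipaddress.IPv4Address(candidate)))
        except ipaddress.AddressValueError:
            pass
    for candidate in DOMAIN_RE.findall(text):
        found["domain"].add(candidate.lower())
    return {name: sorted(values) for name, values in found.items()}


def search_ip(indicators, ip):
    """Exact-match lookup of one address against the extracted set."""
    return str(ipaddress.IPv4Address(ip)) in indicators["ipv4"]
```

The domain pattern is purely syntactic, so file names such as report.pdf in a source document would also match and need filtering against a TLD list before use.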
Requirements
Requires Python 3! The following libraries are needed: argparse, xlrd, pdfminer3k, and colorama (for enhanced colored output). You can install all the required libraries using the included requirements.txt file by running the command: pip3 install -r requirements.txt.
Feeds:
--feeds list -- This command lists all available feeds and allows the user to select a single feed for updating.
update -- This command updates all feed modules.