IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
Updated Sep 16, 2024 - Python
Distributed malware processing framework based on Python, Redis and S3.
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
DomainClassifier is a Python (2/3) library to extract and classify Internet domains/hostnames/IP addresses from raw unstructured text files following their DNS existence, localization or attributes.
BGP ranking is free software to calculate the security ranking of Internet Service Providers (ASN).
VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordinated vulnerability disclosure. VINCE is a Python-based web platform.
Incident Response Network Tools
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
CSV processing and web related data types mutual conversion
IntelMQ command line tool to process events and send out email notifications.
Static configuration extractor for the Karton framework
Automation SIG
AutoIt script ripper for Karton framework
File type classifier for the Karton framework.
File and analysis artifacts yara matcher for Karton framework
Extractor of various archive formats for Karton framework
Various decoders for ASCII-encoded executables for Karton framework
Karton service that uploads analyzed artifacts and metadata to MWDB Core
A small program to monitor the latest published vulnerabilities, match them against the desired brands and products, and announce them via email, Discord, etc.