GOSINT:
framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third parties to security event data to identify similar, or identical, indicators of malicious behavior. The framework is written in Go with a JavaScript frontend.
Download Link : https://github.com/ciscocsirt/gosint / https://gosint.readthedocs.io/en/latest/index.html
Threatfeeds.io:
It's a another Free and open-source threat intelligence feeds.
Request Link : https://www.threatconnect.com/free/
framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).
GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
Applying threat intelligence to security operations enriches alert data with additional confidence, context, and co-occurrence. This means that you apply research from third parties to security event data to identify similar, or identical, indicators of malicious behavior. The framework is written in Go with a JavaScript frontend.
Threatfeeds.io:
It's a another Free and open-source threat intelligence feeds.
Ref Link : https://threatfeeds.io/
Yeti:
is a platform meant to organize observables, indicators of compromise,
TTPs, and knowledge on threats in a single, unified repository. Yeti will also
automatically enrich observables (e.g. resolve domains, geolocate IPs) so that
you don't have to. Yeti provides an interface for humans (shiny Bootstrap-based
UI) and one for machines (web API) so that your other tools can talk nicely to
it.
Quick install (the command we all love)
$ curl https://raw.githubusercontent.com/yeti-platform/yeti/master/extras/ubuntu_bootstrap.sh | sudo /bin/bash
Ref Link : https://yeti-platform.github.io/
TC ( Threat Connect ) Open:
is a completely free way for individual researchers to get
started with threat intelligence. TC Open allows you to see and share open source threat
data, with support and validation from our free community.
- Access to 100+ open source intelligence feeds (OSINT)
- Access to threat, incident, and adversary data
- Ability to collaborate or consume active and historic indicators, incidents, and threats
- Validate your findings with peers in the ThreatConnect Common Community
Request Link : https://www.threatconnect.com/free/
