在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:davidonzo/Threat-Intel开源软件地址:https://github.com/davidonzo/Threat-Intel开源编程语言:Python 100.0%开源软件介绍:DigitalSide Threat-IntelThis repository contains a set of Open Source Cyber Threat Intellegence information, mostly based on malware analysis and compromised URLs, IPs and domains. The purpose of this project is to develop and test new wayes to hunt, analyze, collect and share relevants sets of IoCs to be used by SOC/CSIRT/CERT with minimun effort. Sharing formatsThree formats are availables to download the reports:
The majority of the informations are stored in the MISP data format. So, best way to collect data is subscribe the Digitalside-misp-feed. All sharing formats are based on MISP export format. All reports in any format can be consumed by any up-to-dated MISP instance. Sharing endpointsReports shared by two sharing endpoints:
Digitalside-misp-feedHow to subscribe theSince 2019-09-23 OSINT.digitalside.it MISP feed has been added to the "Default feeds" list availables in MISP default installation. The esasy way to subscribe the feed is select the dedicated activation button.
You can also subscribe the feed manually, following the below instructions.
Public APIPlease visit the DigitalSide-API project page. Sharing samplesMalware samples are not included in the reports. If you need some binary file for further analysis and investigation send an email to info[at]digitalside.it, qualifing yourself as member of a SOC/CSIRT/CERT or other cyber security organization working on public safety. No commercial company will be supported at all. Only PGP signed and encrypted emails from a valid sender will have feedback. My PGP key ID 30B31BDA. Fingerpring: 0B4C F801 E8FF E9A3 A602 D2C7 9C36 93B2 30B3 1BDA. Workflow Automation Input/OutputReports shared here are the result of my personal Malware Analisys Lab. In this first stage of the project I'll focus the activity in find the best way to share IoC. Report contents should change in time. Anyway, backward compatibility will be granted. The goal is create an external know how to be used for correlation, digital forensics activities, threat intelligence processes, inside a workflow automation process for Incident Response. In a second phase I'll share information about my Malware Analisys Lab. This way I hope to cover the two main IoC sharing topics:
Credits are granted!Many reports shared are based on OSINT and CLOSINT sources. All applicables credits are granted. If something wrong, please contact me at info[at]digitalside[dot]it. About MeMy name is Davide Baglieri and I'm an indepented security researcher and consultant. You can find more information at the following links: My personal purpose about this project is basically for Research & Developing in a continue education and training process I started the 23th of September 1979. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论