Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.

• UpdatedJan 24, 2025
• Python

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.

• UpdatedJun 1, 2023
• PowerShell

Actionable analytics designed to combat threats

• UpdatedMay 25, 2022
• Python

This repository contains indicators of compromise (IOCs) of our various investigations.

• UpdatedJul 9, 2025
• Python

A collection of intelligence about Log4Shell and its exploitation activity.

• UpdatedMar 4, 2022
• Python

This script will automatically set up an OSINT workstation starting from a Ubuntu OS.

• UpdatedDec 10, 2022
• Shell

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

• UpdatedAug 30, 2023
• Python

BlackBerry Threat Research & Intelligence

• UpdatedOct 20, 2023
• Jupyter Notebook

A reverse search tool for OSINT (Open Source Intelligence) gathering & facial recognition via Google Custom Search & Google Vision API's.

• UpdatedApr 26, 2024
• Python

Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack

• UpdatedNov 3, 2019
• Python

Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.

• UpdatedMay 25, 2022
• Python

Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.

• UpdatedMay 21, 2021

A BASH script to automate simple tasks related to static malware analysis

• UpdatedOct 2, 2020
• Shell

A collection of Go tools I make while I learn a little about GoLang.

• UpdatedApr 12, 2025
• Go

A collection of CTI stuffs - intel scraped from various cybercrime sources & forums

• UpdatedJul 10, 2025

IOCs that appear in this repository are meant to be long-lasting indicators of compromise.

• UpdatedOct 1, 2024

Mirror for TLP:WHITE papers

• UpdatedNov 19, 2022

Publicly available threat intelligence reports

• UpdatedAug 3, 2020

A new way for you to structure your threat content.

• UpdatedOct 24, 2024

🔮 Collect, process, and automatically distribute Cyber Threat Intelligence from RSS feeds across multiple platforms.

• UpdatedMar 10, 2025