Watcher - Open Source AI-powered Cyber Threat Intelligence & Hunting Platform. Developed with Django & React JS.

Open source platform for cyber security analysts with many features for threat intelligence and detection engineering.

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).

A powerful and user-friendly browser extension that streamlines investigations for security professionals.

CRADLE is a collaborative platform for Cyber Threat Intelligence analysts. It streamlines threat investigations with integrated note-taking, automated data linking, interactive visualizations, and robust access control. Enhance your CTI workflow from analysis to reporting—all in one secure space.

Sandia Cyber Omni Tracker (SCOT)

Advanced Cyber Threat Map (Simplified, customizable, responsive and optimized)

A live dashboard for a real-time overview of threat intelligence from MISP instances

Scam intelligence, phishing attribution, drainer mapping. Legal OSINT only. Public data. Real cases. For researchers and victims.

Open Source Platform for storing, organizing, and searching documents related to cyber threats

Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques

a rough written "guide" compiled from years of ADHD brain notes - enjoy

DaProfiler allows you to create a profile on your target based in France only. The particularity of this program is its ability to find the e-mail addresses your target.

Website for ail-typo-squatting library

intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; including but not limited to CTI, MISP Threat Sharing, STIX 2.

Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suricata, etc). It aims to foster collaboration among professionals and enthusiasts to improve the quality and reliability of detection rules.

STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling

Sigma Engine implementation in TypeScript

An all-in-one Shodan & ZoomEye supported tool to search, browse, preview and dump data leakage across 20+ services. Pulls real exposure straight from the sources instead of guessing. Drop it into your workflow and watch it surface leaks you won't find anywhere else.