Repositories list

• ransomware2stix

  Public
  STIX 2.1 bundles of ransomware group intelligence

  malwareransomwareransom

  Python

  •

  Apache License 2.0

  •0•0•1•0•Updated Feb 28, 2025Feb 28, 2025

• ctibutler

  Public
  A web API for various cyber threat intelligence frameworks, including MITRE ATT&CK, CWE, ATLAS...

  stixtlpmitre-attack+ 5stix2stix2-extensionsmitre-atlasmitre-cwemitre-capec

  Python

  •

  Apache License 2.0

  •1•10•1•0•Updated Feb 28, 2025Feb 28, 2025

• arango_taxii_server

  Public
  A lightweight TAXII API wrapper for ArangoDB.

  arangodbtaxii2stix2

  Python

  •

  Apache License 2.0

  •0•7•0•0•Updated Feb 27, 2025Feb 27, 2025

• stix2arango

  Public
  stix2arango is a command line tool that takes a group of STIX 2.1 objects in a bundle and inserts them into ArangoDB. It can also handle updates to existing objects in ArangoDB imported in a bundle.

  arangodbstix2

  Python

  •

  Apache License 2.0

  •1•8•0•0•Updated Feb 27, 2025Feb 27, 2025

• obstracts

  Public
  Turn any blog into structured threat intelligence.

  atomblogrss+ 3threat-huntingthreat-intelligencethreat-intel

  Python

  •

  Apache License 2.0

  •2•17•3•0•Updated Feb 27, 2025Feb 27, 2025

• history4feed

  Public
  Creates a complete full text historical archive for an RSS or ATOM feed.

  atomrsswayback-machine

  Python

  •

  Apache License 2.0

  •4•115•1•0•Updated Feb 26, 2025Feb 26, 2025

• dogesec_commons

  Public
  A package containing views we reuse between various DOGESEC products

  Python

  •

  Apache License 2.0

  •0•0•0•0•Updated Feb 26, 2025Feb 26, 2025

• txt2stix

  Public
  Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.

  cyber-threat-intelligencestix2stix2-extensions+ 1stix2-patterns

  Python

  •

  Apache License 2.0

  •3•38•0•0•Updated Feb 25, 2025Feb 25, 2025

• stixify

  Public
  Extract machine readable cyber threat intelligence from unstructured data (inc. PDFs, Word docs, and HTML pages)

  stix2stix2-extensionsstix2-patterns

  Python

  •

  Apache License 2.0

  •3•13•0•0•Updated Feb 24, 2025Feb 24, 2025

• vulmatch

  Public
  Vulmatch is a database of CVEs in STIX 2.1 format with a REST API wrapper to access them.

  vulnerabilityvulnerabilitiescve+ 2cpenvd

  Python

  •

  Apache License 2.0

  •2•4•3•0•Updated Feb 21, 2025Feb 21, 2025

• connectors

  Public
  OpenCTI Connectors

  Python

  •

  Apache License 2.0

  •446•0•0•0•Updated Feb 19, 2025Feb 19, 2025

• stix2extensions

  Public
  This repository is used to share custom STIX objects created by the DOGESEC community.

  Python

  •

  Apache License 2.0

  •0•3•0•0•Updated Feb 12, 2025Feb 12, 2025

• arango_cve_processor

  Public
  A small python script that enriches Vulnerability STIX Objects with other intel

  vulnerabilitycvecpe+ 5nvdcwecapecmitre-attackstix2

  Python

  •

  Apache License 2.0

  •0•2•0•0•Updated Feb 6, 2025Feb 6, 2025

• txt2detection

  Public
  A command line tool that takes a txt file containing threat intelligence and turns it into a detection rule.

  siemdetection-rulesdetection-engineering

  Python

  •

  Apache License 2.0

  •1•5•0•0•Updated Feb 5, 2025Feb 5, 2025

• awesome_threat_intel_blogs

  Public
  A curated list of Awesome Threat Intelligence Blogs

  atomrsscybersecurity+ 3infosecthreat-intelligencethreat-intel

  Other

  •43•376•0•0•Updated Feb 4, 2025Feb 4, 2025

• arango_cti_processor

  Public
  A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.

  cwecapecmitre-attack+ 1stix2

  Python

  •

  Apache License 2.0

  •0•5•0•0•Updated Feb 3, 2025Feb 3, 2025

• siemrules

  Public
  An API that takes a txt file containing threat intelligence and turns it into a detection rule.

  siemsoardetection-rules+ 1detection-engineering

  Python

  •

  Apache License 2.0

  •1•0•0•0•Updated Jan 31, 2025Jan 31, 2025

• stix4doge

  Public
  This repository is used to generate STIX objects used by DOGESEC products.

  cyber-threat-intelligencestix2stix2-extensions

  Python

  •

  Apache License 2.0

  •0•2•0•0•Updated Jan 28, 2025Jan 28, 2025

• location2stix

  Public
  A command line tool that converts Countries and Regions into STIX 2.1 Location objects with rich relationships

  stix2iso-3166

  Python

  •

  Apache License 2.0

  •0•1•0•0•Updated Jan 25, 2025Jan 25, 2025

• disarm2stix

  Public
  A command line tool that turns the DISARM framework into STIX 2.1 Objects.

  stix2disarm

  Python

  •

  Apache License 2.0

  •1•2•0•0•Updated Jan 23, 2025Jan 23, 2025

• cve2stix

  Public
  A command line tool that turns NVD CVE records into STIX 2.1 Objects.

  vulnerabilitycvenvd+ 2stix2stix2-patterns

  Python

  •

  Apache License 2.0

  •0•11•0•0•Updated Jan 21, 2025Jan 21, 2025

• sigma2stix

  Public
  A command line tool that converts Sigma Rules into STIX 2.1 Objects.

  stix2sigma-rules

  Python

  •

  Apache License 2.0

  •2•9•1•0•Updated Jan 13, 2025Jan 13, 2025

• .github

  Public
  Shown on the frontpage of our Github organisation profile.

  0•0•0•0•Updated Jan 2, 2025Jan 2, 2025

• cxe2stix_helper

  Public archive
  [ARCHIVED -- USE CVE2STIX] A small Python wrapper to download data using cve2stix and cpe2stix.

  cvecpenvd+ 2stix2stix2-patterns

  Python

  •

  Apache License 2.0

  •1•4•0•0•Updated Dec 12, 2024Dec 12, 2024

• fakeblog123

  Public
  We use this repository to host a blog used to test our other tools history4feed and Obstracts.

  atomrss

  Ruby

  •

  Apache License 2.0

  •0•0•0•0•Updated Dec 11, 2024Dec 11, 2024

• awesome_detection_rules

  Public
  A curated list of Awesome Detection Rules

  infosecxdrsiem+ 4threat-intelligencedetection-rulesthreat-inteldetection-engineering

  Other

  •1•0•0•0•Updated Dec 7, 2024Dec 7, 2024

• cpe2stix

  Public archive
  [ARCHIVED -- USE CVE2STIX] A command line tool that turns NVD CPE records into STIX 2.1 Objects.

  cvecpenvd+ 1stix2

  Python

  •

  Apache License 2.0

  •0•3•0•0•Updated Dec 3, 2024Dec 3, 2024

• file2txt

  Public
  Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract texts from images. Built for threat intel use-cases.

  markdownocrhtml-to-markdown+ 2image-to-textpdf-to-markdown

  Python

  •

  Apache License 2.0

  •2•12•1•0•Updated Nov 29, 2024Nov 29, 2024

• cwe2stix

  Public
  A command line tool that turns MITRE CWEs into STIX 2.1 Objects.

  stix2stix2-extensionsmitre-cwe

  Python

  •

  Apache License 2.0

  •0•3•0•0•Updated Nov 27, 2024Nov 27, 2024

• sitemap2posts

  Public
  sitemap2posts is designed to identify all posts for a blog, using a specified URL path, along with titles and published dates, ready to be added to history4feed.

  blogcrawlerrobots-txt

  Python

  •

  Apache License 2.0

  •0•0•0•0•Updated Oct 14, 2024Oct 14, 2024