🧠

Cyber Threat Intelligence

Start here!

How to create and manage your CTI?

About commercial CTI

Recommendations to conduct better analysis

Curated reports and writeups

Advanced Persistent Threats and IOCs

Known artefacts left by the attacker

Tools for CTI activities

🛠️
DFIR Tooling

🤖
AMAaaS
sandbox, apk analysis, android, saas
anlyz.io
file analysis, url analysis, saas
Any Run
sandbox, saas
🔎
Cortex (TheHive Project)
cyber threat intelligence
🦠
Crits
cyber threat intelligence, analytics
🧠
fileintel
file analysis, cyber threat intelligence
⚙️
Firmware
file analysis, saas, firmware
Gatewatcher Intelligence
artifact analysis, file analysis, malware analysis, saas
🧠
hostintel
cyber threat intelligence, host analysis
Hybrid-Analysis
sandbox, saas, malware analysis, artifact analysis, url analysis
🔎
IBM X-Force
saas, file analysis, url analysis, artifact search
🔒
ID Ransomware from MalwareHunterTeam
📁
Inquest Deep File Inspection (DFI)
file analysis, saas, deobfuscation
Intezer
saas, sandbox, malware analysis
Joe Sandbox
🦠
Kaspersky Data Feeds
cyber threat intelligence, feed
🔍
Limacharlie
all-in-one, saas, windows, osx, linux, android, ios, forensics
🦠
Malware Information Sharing Platform (MISP)
cyber threat intelligence
⚙️
Manalyzer
malware analysis, saas, static analysis framework
🔎
MetaDefender Cloud OPSWAT
saas, file analysis, url analysis, artifact search
🧠
Munin
cyber threat intelligence, file analysis
🔎
Open Threat Exchange AlienVault
saas, file analysis, url analysis, artifact search
🦠
OpenCTI
cyber threat intelligence
Pikker.ee Sandbox (Cuckoo)
sandbox, malware analysis, saas
🔎
Quttera
saas, url analysis
🔎
SiteCheck Sucuri
saas, url analysis
🍯
T-Pot
honeypot, cyber threat intelligence
🔎
ThreatCrowd is now powered by AlienVault
saas, url analysis, file analysis, artifact search
🦠
ThreatFox
saas, cyber threat intelligence, artifact analysis, malware analysis, ioc scanner
📒
threatnote.io
reporting, cyber threat intelligence
🖥️
ThreatPursuit VM (FireEye)
cyber threat intelligence
Valkyrie Comodo
saas, malware analysis
🦠
VirusBay
malware exchange, reporting
🔎
VirusTotal
saas, file analysis, url analysis, artifact search
Yara
cyber threat intelligence, yara
Yara-Rules
cyber threat intelligence, yara, ruleset
Yomi
sandbox, saas, malware analysis