A list of OSINT tools & resources for (fraud-)investigators, CTI-analysts, KYC, AML and more.
-
Updated
Nov 14, 2025
#
cyberthreatintelligence
Here are 40 public repositories matching this topic...
An analytical challenge created to test junior analysts looking to try performing proactive and reactive cyber threat intelligence.
-
Updated
Jul 3, 2024
Here's samples of android/ios spyware named "Pegasus" made by the NSOGROUP
android ios malware samples cybersecurity spyware malware-analysis pegasus cyberthreatintelligence nsogroup
-
Updated
Jul 27, 2021
MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
-
Updated
Nov 14, 2025 - Python
An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Intelligence.
security dashboard maps intel cybersecurity threat-hunting threat-intelligence threat-intelligence-database cyberattack threat-intelligence-platform threat-response cyberthreatintelligence threat-intelligence-data threat-detection-policy
-
Updated
Jan 16, 2023
Graph Representation of MITRE ATT&CK's CTI data
python neo4j incident-response cti py2neo threat-intelligence mitre-attack taxii2 stix2 mitre-taxii2 stixx2 cyberthreatintelligence attack-cti
-
Updated
Nov 14, 2019 - Python
A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry Needs, developed by those in trenches.
-
Updated
Apr 22, 2025
A collection of intel and usernames scraped from various cybercrime sources & forums. DarkForums, HackForums, Patched, Cracked, BreachForums, LeakBase, & more
enrichment osint scraping cybersecurity threat-hunting threatintel cti scraping-websites cyber-security threat-intelligence threatintelligence threathunting osint-reconnaissance cyberthreatintelligence cyberthreats threatintel-feeds
-
Updated
Nov 24, 2025
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
github git ioc intelligence gitlab incident-response cybersecurity threat-hunting malware-research misp threatintel indicators threat-intelligence threat-intel indicators-of-compromise cyber-threat-intelligence ioa cyber-threats cyberthreatintelligence cyber-threat-analyst
-
Updated
Dec 14, 2021 - Python
Sharing our knowledge and resources in the field of cyber security.
linux security exploit reverse-engineering forensics cybersecurity vulnerability infosec pentesting ctf malware-analysis bugbounty cti cyberthreatintelligence
-
Updated
Aug 22, 2022
The NSE Script plugin integrates with Criminal IP CTI search engine for network scanning, showing IP details like WHOIS, running products, versions, CVEs, etc.
-
Updated
Nov 29, 2023 - Lua
SACTI - Securely aggregate CTI sightings and report them on MISP
-
Updated
Oct 24, 2022 - Python
A new way for you to structure your threat content.
-
Updated
Oct 24, 2024
This directory contains a templates for you to build your own system.
-
Updated
Feb 13, 2025
A lightweight REST API built with Go and Fiber that analyzes a website’s HTTP security response headers. It checks the presence of key headers, computes a weighted score (0–100), and returns a letter grade (A–F) with a human‑readable summary.
-
Updated
Nov 3, 2025 - Go
Dans le cadre de l’amélioration continue des capacités de veille cyber, ce projet vise à fournir une synthèse quotidienne des menaces émergentes à partir de sources ouvertes fiables, notamment via l’agrégation de flux RSS spécialisés.
-
Updated
Nov 24, 2025
Criminal IP is a comprehensive OSINT-based Cyber Threat Intelligence (CTI) search engine that can be used as an automated Attack Surface Management solution.
-
Updated
Apr 12, 2023 - Python
Experimental RAG that consumes Cyber Security articles via RSS
cybersecurity threatintel cyber experminental rag cyberthreatintelligence llm langchain chromadb ollama
-
Updated
Nov 29, 2024 - Jupyter Notebook
Phishing Url detector detects cyber thefts and cyber frauds using machine learning and data science technology. TECH used- Python, Django(Backend), SQLite, IBM cloud, data science, machine learning.
data-science machine-learning django django-rest-framework python3 cybersecurity ibm-cloud cyber-frauds cyberthreatintelligence cyber-thefts
-
Updated
Jun 22, 2022 - Python
To extract the usernames attempted by a compromised host. This information is obtained from Abuse IP DB, reports' comments.
python osint threat-analysis threat-intelligence adversary abuseipdb cyberthreatintelligence osint-tools
-
Updated
Feb 18, 2022 - Python
Improve this page
Add a description, image, and links to the cyberthreatintelligence topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the cyberthreatintelligence topic, visit your repo's landing page and select "manage topics."