Open-source tools for building threat awareness
MISP – Malware Information Sharing Platform
CRITS Collaborative Research Into Threats
https://crits.github.io/
https://www.github.com/crits
Requirements: Docker, MongoDB
Docker Image: https://hub.docker.com/r/remnux/crits/
YeTi
https://yeti-platform.github.io/
FIR (Fast Incident Response)
https://github.com/certsocietegenerale/FIR
Malcom – Malware Communications Analyzer
https://github.com/tomchop/malcom
Collective Intelligence Framework
http://csirtgadgets.org/
https://github.com/csirtgadgets/massive-octo-spice/wiki/What-is-the-Collective-Intelligence-Framework%3F
GRR Rapid Response
https://github.com/google/grr
OSQuery
https://osquery.io/
MIG Mozilla InvestiGator
https://github.com/mozilla/mig
https://github.com/mozilla/mig/blob/master/doc/cheatsheet.rst
References
www.slideshare.net/OWASPdelhi/cyber-threat-intelligence-and-incident-response