KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Updated Nov 5, 2024 - Python
OpenCTI Connectors
Clusters and elements to attach to MISP events or attributes (like threat actors)
misp-guard is a mitmproxy addon that inspects and blocks outgoing events to external MISP instances via sync mechanisms (pull/push) based on a set of customizable block rules.
Warning lists to inform users of MISP about potential false-positives or other information in indicators
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Python library using the MISP Rest API
MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats
Modules for expansion services, enrichment, import and export in MISP and other tools.
Definition, description and relationship types of MISP objects
Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS
Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools.
MISP Playbooks
Project to build a set of three docker images containing the components of MISP with self-configuration into a usable state from first start.
Specifications used in the MISP project including MISP core format
Enhancing MISP (Malware Information Sharing Platform & Threat Sharing)