This repository is a curated list of resources for Threat Intelligence (TI), aimed at security professionals, researchers, and analysts. It provides a comprehensive overview of sources, formats, frameworks, platforms, tools, and research related to identifying, analyzing, and mitigating cyber threats.

How It Works

The project acts as a directory, categorizing and linking to a vast array of open-source and commercial threat intelligence feeds, data formats (like STIX, TAXII, MAEC), analytical frameworks (e.g., MITRE ATT&CK, Diamond Model), and specialized tools for data collection, processing, and sharing. It aims to consolidate the landscape of TI resources, enabling users to discover and leverage relevant information efficiently.

Quick Start & Requirements

No installation or execution is required. This is a curated list of external resources.

Highlighted Details

• Extensive categorization of over 300 resources, including feeds, tools, and research papers.
• Covers a wide range of TI formats and standards such as STIX, TAXII, MAEC, and OpenIOC.
• Features numerous tools for IOC extraction, aggregation, analysis, and sharing.
• Includes links to academic research, standards bodies, and practical guides for TI implementation.

Maintenance & Community

The repository is community-driven, with contributions encouraged. Specific maintainers or active community channels are not detailed in the README.

Licensing & Compatibility

The repository itself is licensed under the Apache License 2.0. The licenses of the linked external resources vary widely, and users must consult each resource's specific license for usage terms, especially regarding commercial use.

Limitations & Caveats

The quality and up-to-dateness of the linked resources are not guaranteed by this repository. Users must independently verify the reliability and applicability of each listed item. Some commercial offerings require subscriptions or API keys.