"topic:opencti" — Search

Welcome to my Cybersecurity Homelab, where I experiment with ethical hacking, penetration testing, network security, AI Agent automation and system hardening. This repo documents the architecture, software stack, configurations, and automation scripts used in my self-hosted cybersecurity lab.

171Updated 1 year ago

ai-agentsartificial-intelligenceblue-teamcybersecuritydockerhomelabhomelab-automationhomelab-setuplinuxn8nopenctipenetration-testingproxmoxpurpleteamred-teamtruenasvirtualizationwazuh

weisshorn-cyd/gocti

Unofficial OpenCTI Golang Client

Go151Updated 4 days ago

cyber-threat-intelligencegogolangopencti

PKHarsimran/SwiftIOC-Automated-Threat-Intelligence-Collector

Automated threat intelligence collector built with Python and GitHub Actions — fetches recent IOCs from open sources, normalizes and enriches them (IP, URL, hash, CVE), and publishes ready-to-use feeds in CSV, JSON, and STIX formats.

Python132Updated 17 hours ago

cortex-xdrcsvcybersecuritygithub-actionsinfoseciocjsonmispopenctipythonsiemsplunkstixthreat-feedsthreat-intelligence

CyberFlooD/DUDIX-CTI

Newsletter hebdomadaire sur les menaces cyber du moment à partir de cluster OpenCTI auto-hebergé

112Updated 1 month ago

cticybersecuritynewsletteropenctithreat-huntingthreat-intelligencethreatintel

muchdogesec/cve2stix

A command line tool that turns NVD CVE records into STIX 2.1 Objects.

Python111Updated 1 month ago

cvenvdopenctistixstix2stix2-patternsvulnerability

mkdemir/opencti-watcher

Watcher is a solution that integrates with security products using IoC (Indicator of Compromise) information gathered through the OpenCTI platform. This integration makes it possible to detect and respond to threats faster.

Python101Updated 2 years ago

ctiopenctipython

predictiveworks/ignite-graph

IgniteGraph is a client layer for using Apache Ignite as a graph database. It is an implementation of the Apache TinkerPop interfaces.

Scala71Updated 3 years ago

apache-ignitefiwaregraph-databaseopenctiosquerytinkerpop3zeek

JMousqueton/OpenCTI-Docker

docker-compose configuration to install OpenCTI with connectors (check my blog post for more information)

61Updated 3 years ago

cyber-threat-intelligencecybersecurityopenctithreat-intelligence

predictiveworks/works-sqlstream

This project complements Apache Spark structured streaming with hand-picked streaming sources and sinks.

Scala60Updated 3 years ago

aerospikeapache-igniteapache-sparkeclipse-dittoeclipse-pahoexasolfiwarehivemqmqttopenctiosqueryredshiftsap-hanaserver-sent-eventsnowflakestix2structured-streamingthingsboardzeek

CyberFlooD/Evil-Domains

La liste de domaines malveillants collectés par DUDIX CTI

50Updated 6 months ago

cticybersecuritydomainsiocopen-ctiopenctistixthreatintel

it-bgk/cdc-plattform

Cyber Defense Plattform for security incident investigation enrichment and automatisation.

Shell51Updated 4 years ago

cdc-plattformcortexdockerdocker-composedocker-imagedockerfileenrichmentenrichment-analysisincident-managementminemeldmispopenctithehivethreat-huntingthreat-intelligencewatcher

Grand-Duc/iris-opencti-module

IRIS module for integration with OpenCTI

Python40Updated 9 months ago

dfir-irisforensicsincident-responseopenctipython

weisshorn-cyd/opencti_exporter

A Prometheus exporter for OpenCTI

Go40Updated 6 months ago

golangopenctiprometheus-exporter

weisshorn-cyd/terraform-provider-opencti

Terraform provider for OpenCTI

Go30Updated 1 month ago

golangopenctiterraform

muchdogesec/location2stix

A command line tool that converts Countries and Regions into STIX 2.1 Location objects with rich relationships

Python30Updated 3 months ago

iso-3166openctistixstix2threat-intelligence

predictiveworks/works-stream

This project complements Apache Spark Streaming with hand-picked streaming receivers for Eclipse Ditto, Fiware Context Broker, Fleet (DM), Eclipse Paho, HiveMQ, OpenCTI, Google PubSub, Server Sent Events, ThingsBoard and Zeek Sensor.

Scala30Updated 4 years ago

apache-sparkeclipse-dittoeclipse-pahofleethivemqmqttopenctiosqueryserver-sent-eventsstreamingthingsboardzeek

ajokunu/MatchBox

Home SOC on k3s — Wazuh SIEM/XDR, OpenCTI threat intel, TheHive/Cortex incident response, Grafana monitoring, and MCP servers for AI-assisted security operations. Runs on a single Mac Mini M4.

Svelte30Updated 2 weeks ago

grafanahomelabincident-responsek3skubernetesmcpopenctisecuritysiemsocthehivethreat-intelligencewazuh

calamityz/CTI-Installation-Connection

An installation guide to help install OpenCTI, MISP and CAPE Sandbox but also to interconnect them

30Updated 1 year ago

capectimispopencti

predictiveworks/works-beats

A collection of standalone Akka-based Http(s) services to connect to Fiware, OpenCTI, Osquery fleets, OPC-UA, ThingsBoard and Zeek.

Scala31Updated 3 years ago

akkafiwarefiware-ngsimqttopc-uaopenctiopencti-connectorosqueryserver-sent-eventthingsboardzeek

smidrkal/OpenCTI

Docker Compose template for an OpenCTI Demo

Shell20Updated 1 year ago

ctidockermispopenctithreat-intelligencethreatintel

predictiveworks/cdap-connect

Purpose-built data connectors for Google CDAP data pipelines

Java22Updated 3 years ago

aerospikeapache-igniteapache-kafkacdapcratedbdata-warehousedittofiwarehivemqinfluxdbopenctiorientdbosquerypaho-mqttthingsboardwebhosezeek

Page 1 of 2