Threat Intelligence

tools

cybersecurity

threat intelligence

Published

October 1, 2023

Modified

April 28, 2024

This document lists 21 tools for threat intelligence and security, including AlienVault OTX, Any.Run, Censys, CheckPhish, GitGuardian, Hybrid Analysis, IBM X-Force Exchange, MetaDefender by OPSWAT, OnionScan, PacketTotal, PhishCheck, Piracema, PulseDive, Shodan, SiteReport by Netcraft, Talos Intelligence, ThreatCrowd, ThreatMiner, URLVoid, VirusTotal, and WHTop.

AlienVault OTX: Open Threat Exchange is the neighborhood watch of the global intelligence community. It enables private companies, independent security researchers, and government agencies to openly collaborate and share the latest information about emerging threats, attack methods, and malicious actors, promoting greater security across the entire community.
Any.Run: Any.Run is an interactive malware analysis service that allows you to analyze suspicious files and URLs in a secure environment. It provides a comprehensive view of malware behavior, allowing you to understand and mitigate potential threats effectively.
Censys: Censys is a search engine that helps you discover and analyze devices and networks on the internet. It provides comprehensive and up-to-date data, allowing you to gain insights into potential vulnerabilities and threats in your infrastructure.
CheckPhish: CheckPhish is an AI-powered platform that helps you detect and analyze phishing websites. It uses machine learning algorithms to identify suspicious elements and provides detailed reports to help you stay protected against phishing attacks.
GitGuardian - Public GitHub Monitoring: GitGuardian is a platform that monitors public GitHub repositories in real-time. It detects secrets and sensitive information to prevent hackers from using GitHub as a backdoor to your business. By scanning code repositories, GitGuardian helps you ensure that no confidential data is exposed unintentionally.
Hybrid Analysis: Hybrid Analysis is a powerful malware analysis platform that enables you to examine suspicious files and URLs in a secure virtual environment. It provides detailed insights into the behavior of malware, allowing you to understand its capabilities and take appropriate actions to mitigate the threat.
IBM X-Force Exchange: IBM X-Force Exchange is a collaborative threat intelligence platform that brings together insights from IBM, third-party contributors, and the broader security community. It provides access to a vast collection of threat intelligence, helping you stay informed about the latest threats and take proactive measures to protect your organization.
MetaDefender by OPSWAT: MetaDefender is a comprehensive threat intelligence platform that offers advanced file scanning and threat detection capabilities. It helps you identify and analyze potential threats by scanning files and URLs against multiple antivirus engines and threat intelligence feeds.
OnionScan: OnionScan is a free and open-source tool for investigating the Dark Web. Its main goal is to help researchers and investigators monitor and track Dark Web sites. It provides valuable insights into hidden services, vulnerabilities, and potential threats on the Dark Web.
PacketTotal: PacketTotal is a platform that allows you to upload and analyze PCAP (Packet Capture) files. It helps you investigate network traffic and identify potential threats by providing detailed analysis of captured packets.
PhishCheck: PhishCheck is an online service that helps you identify and analyze phishing websites. It utilizes various detection techniques to determine the legitimacy of a website and provides real-time reports to help you protect against phishing attacks.
Piracema: Piracema is a threat intelligence platform that provides insights into emerging threats and cybercriminal activities. It offers a range of services, including vulnerability tracking, threat hunting, and analysis of malicious indicators, to help organizations enhance their security posture.
PulseDive: PulseDive is a threat intelligence platform that consolidates data from multiple sources, including threat feeds, vulnerability databases, and social media, into a unified view. It provides real-time intelligence and alerts, enabling you to stay informed about the latest threats and make informed security decisions.
Shodan: Shodan is a search engine for internet-connected devices. It allows you to discover and analyze various types of devices, including servers, routers, webcams, and more. Shodan helps you understand the security posture of your infrastructure and identify potential vulnerabilities.
SiteReport by Netcraft: SiteReport is a service provided by Netcraft that offers comprehensive website security and performance analysis. It helps you assess the security of a website, including information about its hosting infrastructure, SSL certificates, and historical data on phishing and malware incidents.
Talos Intelligence: Talos Intelligence is a threat intelligence platform operated by Cisco. It provides an in-depth analysis of emerging threats, vulnerabilities, and malware campaigns. Talos Intelligence helps organizations stay ahead of cyber threats and protect their systems and data.
ThreatCrowd: ThreatCrowd is a search engine for cyber threat intelligence. It aggregates data from various sources, including malware samples, IP addresses, domains, and email addresses, to provide a comprehensive view of potential threats. It helps you investigate and analyze indicators of compromise to enhance your threat detection capabilities.
ThreatMiner: ThreatMiner is a threat intelligence platform that enables you to analyze and visualize various types of cyber threats, including domains, IP addresses, hashes, and email addresses. It helps you uncover relationships between different indicators and gain insights into threat campaigns and infrastructure.
URLVoid: URLVoid is an online service that scans websites and checks their reputation based on various security parameters. It helps you assess the trustworthiness of a website by analyzing its domain, IP address, SSL certificate, and presence in blacklists.
VirusTotal: VirusTotal is a widely used online service for analyzing files and URLs for potential malware. It leverages multiple antivirus engines and threat intelligence sources to provide comprehensive reports on the safety and reputation of files and websites.
WHTop: WHTop is a web hosting resource that provides information and reviews about web hosting companies worldwide. It helps you make informed decisions when choosing a hosting provider by offering detailed insights into their services, customer reviews, and performance benchmarks.