├── README.md └── json └── list.json /README.md: -------------------------------------------------------------------------------- 1 | # Tooling Directory 2 | 3 | The tooling directory includes a list of tools (such as open source software) that 4 | are developed and/or used by CSIRTs in the scope of the CSIRTs network. The directory 5 | is split into 3 different categories: open source tools developed and maintained by 6 | the CSIRTs, public online services provided by the CSIRTs, and open source tools used by the CSIRTs. 7 | 8 | The goal is to provide an overview of all the tools available and used within the CSIRTs network. 9 | 10 | # Open Source Tools Developed, Maintained and Used by members of the CSIRTs network 11 | 12 | |Software|CSIRT lead|Location| 13 | |--- |--- |---| 14 | |MISP|CIRCL|[https://www.misp-project.org/](https://www.misp-project.org/)| 15 | |AIL|CIRCL|[https://github.com/ail-project/AIL-framework](https://github.com/ail-project/AIL-framework)| 16 | |BGP Ranking|CIRCL|[https://github.com/D4-project/BGP-Ranking](https://github.com/D4-project/BGP-Ranking)| 17 | |cve-search|CIRCL|[https://github.com/cve-search/](https://github.com/cve-search/)| 18 | |vulnerability-lookup|CIRCL|[https://github.com/cve-search/vulnerability-lookup](https://github.com/vulnerability-lookup)| 19 | |IntelMQ|CERT.at|[https://github.com/certtools/intelmq](https://github.com/certtools/intelmq)| 20 | |FollowTcpStream|CERT.at|[https://github.com/certat/FollowTcpStream](https://github.com/certat/FollowTcpStream)| 21 | |n6|CERT.PL|[https://github.com/CERT-Polska/n6](https://github.com/CERT-Polska/n6)| 22 | |MWDB Core|CERT.PL|[https://github.com/CERT-Polska/mwdb-core](https://github.com/CERT-Polska/mwdb-core)| 23 | |Karton|CERT.PL|[https://github.com/CERT-Polska/karton](https://github.com/CERT-Polska/karton)| 24 | |Artemis|CERT.PL|[https://github.com/CERT-Polska/Artemis](https://github.com/CERT-Polska/Artemis)| 25 | |Drakvuf 
Sandbox|CERT.PL|[https://github.com/CERT-Polska/drakvuf-sandbox](https://github.com/CERT-Polska/drakvuf-sandbox)| 26 | |eml-parser|GOVCERT.LU|[https://github.com/GOVCERT-LU/eml_parser](https://github.com/GOVCERT-LU/eml_parser)| 27 | |GCNotify|GOVCERT.LU|[https://github.com/GOVCERT-LU/GCNotify](https://github.com/GOVCERT-LU/GCNotify)| 28 | |bmc-tools|ANSSI-FR|[https://github.com/ANSSI-FR/bmc-tools](https://github.com/ANSSI-FR/bmc-tools)| 29 | |bootcode-parser|ANSSI-FR|[https://github.com/ANSSI-FR/bootcode_parser](https://github.com/ANSSI-FR/bootcode_parser)| 30 | |bits-parser|ANSSI-FR|[https://github.com/ANSSI-FR/bits_parser](https://github.com/ANSSI-FR/bits_parser)| 31 | |AD-control-paths|ANSSI-FR|[https://github.com/ANSSI-FR/AD-control-paths](https://github.com/ANSSI-FR/AD-control-paths)| 32 | |S4A|CERT-EE|[https://github.com/cert-ee/s4a](https://github.com/cert-ee/s4a)| 33 | |Envelope|CSIRT.cz|[https://github.com/CZ-NIC/envelope](https://github.com/CZ-NIC/envelope)| 34 | |Convey|CSIRT.cz|[https://github.com/CZ-NIC/convey](https://github.com/CZ-NIC/convey)| 35 | |Python RT API|CSIRT.cz|[https://github.com/CZ-NIC/python-rt](https://github.com/CZ-NIC/python-rt)| 36 | |DO Portal (contact management portal)|CERT.eu / CERT.at|[https://github.com/certat/do-portal](https://github.com/certat/do-portal)| 37 | |Taranis NG|SK-CERT|[https://github.com/SK-CERT/Taranis-NG](https://github.com/SK-CERT/Taranis-NG)| 38 | 39 | 40 | # Public Online Services Offered by members of the CSIRTs network 41 | 42 | |Service|CSIRT lead|Location| 43 | |---|---|---| 44 | |contacts.cert.at|CERT.at|[https://contacts.cert.at/](https://contacts.cert.at/)| 45 | |Cuckoo Sandbox|CERT.EE|[https://cuckoo.cert.ee/](https://cuckoo.cert.ee/)| 46 | |Vulnerability Lookup|CIRCL|[https://vulnerability.circl.lu/](https://vulnerability.circl.lu/)| 47 | |Hashlookup|CIRCL|[https://hashlookup.circl.lu/](https://hashlookup.circl.lu/)| 48 | |LookyLoo (analyse 
website)|CIRCL|[https://lookyloo.circl.lu](https://lookyloo.circl.lu)| 49 | |Pandora (file analysis)|CIRCL|[https://pandora.circl.lu/](https://pandora.circl.lu)| 50 | |RPKI Chronicle|CSIRT.cz|[https://github.com/CZ-NIC/RPKI-chronicle](https://github.com/CZ-NIC/RPKI-chronicle)| 51 | |Typosquatting finder|CIRCL|[https://typosquatting-finder.circl.lu/](https://typosquatting-finder.circl.lu/)| 52 | 53 | # Open Source Tools Used by the members of the CSIRTs network 54 | 55 | |Software|Provider|Location| 56 | |---|---|---| 57 | |RTIR|BestPractical|[https://github.com/bestpractical/rtir](https://github.com/bestpractical/rtir)| 58 | |IntelMQ Fody|Intevation|[https://github.com/Intevation/intelmq-fody](https://github.com/Intevation/intelmq-fody)| 59 | 60 | 61 | # Contribute 62 | 63 | The tooling directory is maintained by the Tooling WG of the CSIRTs network. If you want to contribute by extending 64 | the list, fixing issues or providing feedback, feel free to open an issue or a pull request on this repository. 
65 | 66 | -------------------------------------------------------------------------------- /json/list.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name": "MISP", 4 | "csirt": [ 5 | "CIRCL" 6 | ], 7 | "location": [ 8 | "https://www.misp-project.org/" 9 | ], 10 | "repository": [ 11 | "https://github.com/MISP/MISP" 12 | ] 13 | }, 14 | { 15 | "name": "AIL", 16 | "csirt": [ 17 | "CIRCL" 18 | ], 19 | "location": [ 20 | "https://github.com/CIRCL/AIL-framework" 21 | ], 22 | "repository": [ 23 | "https://github.com/CIRCL/AIL-framework" 24 | ] 25 | }, 26 | { 27 | "name": "BGP Ranking", 28 | "csirt": [ 29 | "CIRCL" 30 | ], 31 | "location": [ 32 | "https://bgpranking.circl.lu/" 33 | ], 34 | "repository": [ 35 | "https://github.com/D4-project/BGP-Ranking" 36 | ] 37 | }, 38 | { 39 | "name": "cve-search", 40 | "csirt": [ 41 | "CIRCL" 42 | ], 43 | "location": [ 44 | "https://www.cve-search.org" 45 | ], 46 | "repository": [ 47 | "https://github.com/cve-search/cve-search" 48 | ] 49 | }, 50 | { 51 | "name": "IntelMQ", 52 | "csirt": [ 53 | "CERT.at" 54 | ], 55 | "location": [ 56 | "https://github.com/certtools/intelmq" 57 | ], 58 | "repository": [ 59 | "https://github.com/certtools/intelmq" 60 | ] 61 | }, 62 | { 63 | "name": "n6", 64 | "csirt": [ 65 | "CERT.pl" 66 | ], 67 | "location": [ 68 | "https://github.com/CERT-Polska/n6" 69 | ], 70 | "repository": [ 71 | "https://github.com/CERT-Polska/n6" 72 | ] 73 | }, 74 | { 75 | "name": "TheHive", 76 | "csirt": [ 77 | "CERT-EU", 78 | "CERT-BDF" 79 | ], 80 | "location": [ 81 | "https://github.com/TheHive-Project/TheHive" 82 | ], 83 | "repository": [ 84 | "https://github.com/TheHive-Project/TheHive" 85 | ] 86 | }, 87 | { 88 | "name": "Cortex", 89 | "csirt": [ 90 | "CERT-EU", 91 | "CERT-BDF" 92 | ], 93 | "location": [ 94 | "https://github.com/TheHive-Project/Cortex-Analyzers" 95 | ], 96 | "repository": [ 97 | "https://github.com/TheHive-Project/Cortex-Analyzers" 98 | ] 99 | }, 100 | { 
101 | "name": "eml-parser", 102 | "csirt": [ 103 | "GOVCERT.LU" 104 | ], 105 | "location": [ 106 | "https://github.com/GOVCERT-LU/eml_parser" 107 | ], 108 | "repository": [ 109 | "https://github.com/GOVCERT-LU/eml_parser" 110 | ] 111 | }, 112 | { 113 | "name": "GCNotify", 114 | "csirt": [ 115 | "GOVCERT.LU" 116 | ], 117 | "location": [ 118 | "https://github.com/GOVCERT-LU/GCNotify" 119 | ], 120 | "repository": [ 121 | "https://github.com/GOVCERT-LU/GCNotify" 122 | ] 123 | }, 124 | { 125 | "name": "bmc-tools", 126 | "csirt": [ 127 | "ANSSI-FR" 128 | ], 129 | "location": [ 130 | "https://github.com/ANSSI-FR/bmc-tools" 131 | ], 132 | "repository": [ 133 | "https://github.com/ANSSI-FR/bmc-tools" 134 | ] 135 | }, 136 | { 137 | "name": "bootcode", 138 | "csirt": [ 139 | "ANSSI-FR" 140 | ], 141 | "location": [ 142 | "https://github.com/ANSSI-FR/bootcode_parser" 143 | ], 144 | "repository": [ 145 | "https://github.com/ANSSI-FR/bootcode_parser" 146 | ] 147 | }, 148 | { 149 | "name": "bits-parser", 150 | "csirt": [ 151 | "ANSSI-FR" 152 | ], 153 | "location": [ 154 | "https://github.com/ANSSI-FR/bits_parser" 155 | ], 156 | "repository": [ 157 | "https://github.com/ANSSI-FR/bits_parser" 158 | ] 159 | }, 160 | { 161 | "name": "AD-control", 162 | "csirt": [ 163 | "ANSSI-FR" 164 | ], 165 | "location": [ 166 | "https://github.com/ANSSI-FR/AD-control-paths" 167 | ], 168 | "repository": [ 169 | "https://github.com/ANSSI-FR/AD-control-paths" 170 | ] 171 | }, 172 | { 173 | "name": "S4A", 174 | "csirt": [ 175 | "CERT-EE" 176 | ], 177 | "location": [ 178 | "https://github.com/cert-ee/s4a" 179 | ], 180 | "repository": [ 181 | "https://github.com/cert-ee/s4a" 182 | ] 183 | } 184 | ] 185 | --------------------------------------------------------------------------------