##master-page:FrontPage

#format wiki #language en #pragma section-numbers off

NOTE: This wiki is provided by the OASIS standards consortium as a collaborative tool for members of the OASIS Cyber Threat Intelligence (CTI) Technical Committee, who are permitted to post to these pages. As this is an official workspace of the TC, the OASIS IPR Policy and other OASIS rules apply to its use. To learn more about the work of the TC, send a comment, or join this effort, visit the OASIS Cyber Threat Intelligence (CTI) TC homepage.

Wiki pages are transient documents, so intermediate edits may not be saved. TC members should move all permanent work and stable artifacts to the TC's document repository, where the archival work product of the TC also can be viewed by the public.

******************************************************************************************************************************************************

About the CTI TC

The current leadership:

About STIX 2.x

About TAXII 2.x

Interoperability

Get Involved

Collaboration Mechanisms

Documentation

Open-source APIs and tools

name

description

cti-taxii-server

TAXII2 Server (Python)

cti-taxii-client

TAXII2 Client (Python)

cti-python-stix2

STIX2 APIs (Python)

cti-pattern-matcher

match observed data with patterns (Python)

cti-stix-elevator

Convert STIX1 to STIX2 (Python)

cti-stix-slider

Convert STIX2 to STIX1 (Python)

stix2patterns_translator

Translate STIX2 patterns to ElasticSearch or Splunk (Python)

cti-stix-validator

Validator for STIX 2.0 JSON normative requirements and best practices (Python)

cti-stix-visualization

Lightweight visualization for STIX 2.0 objects and relationships

cti-pattern-validator

Validate STIX2 patterns (Python)

cti-marking-prototype

Prototype for processing granular data markings in STIX (Python)

freetaxii-server

TAXII2 Server (Go)

libstix2

STIX2 Bindings (Go)

StixConvert

Convert STIX2 to GraphML or GEXF (Scala)

StixToNeoDB

Load STIX2 into Neo4j (Scala)

scalastix

STIX2 Bindings (Scala)

Taxii2LibScala

TAXII2 Client (Scala)

taxii2lib

Description: TAXII2 Client (Javascript)

MISP

Malware & Threat Sharing Platform

Cyberstation

Browser-based STIX2 editor, with ability to push to TAXII2 server

Stix-2.0-Editor

Cross-platform (Mac, Windows, Linux) STIX2 GUI Editor app

STIX2 data sources

description

user

pass

versions

Anomali Limo

guest

guest

2.0

FreeTAXII - ZeuS domain blocklist (BadDomains)

(unauthenticated)

2.1 preview

FreeTAXII - ZeuS IP blocklist (BadIPs)

(unauthenticated)

2.1 preview

FreeTAXII - ZeuS domain blocklist (Standard)

(unauthenticated)

2.1 preview

FreeTAXII - ZeuS IP blocklist (Standard)

(unauthenticated)

2.1 preview

FreeTAXII - ZeuS compromised URL blocklist

(unauthenticated)

2.1 preview

FreeTAXII - Feodo IP Blocklist

(unauthenticated)

2.1 preview

FreeTAXII - Ransomware Domain Blocklist

(unauthenticated)

2.1 preview

FreeTAXII - Ransomware IP Blocklist

(unauthenticated)

2.1 preview

FreeTAXII - Ransomware URL Blocklist

(unauthenticated)

2.1 preview

FreeTAXII - Emerging Threats Compromised IPs

(unauthenticated)

2.1 preview

FreeTAXII - Threatexpert.com Malicious URLs

(unauthenticated)

2.1 preview

ÜberTAXII - CIRCL OSINT

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - AIS TLP:WHITE

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - MITRE ATT&CK

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - Perch Security

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - CTI TC Interop test data (DFP persona)

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - CTI TC Interop test data (SIEM persona)

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - CTI TC Interop test data (TDS persona)

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - CTI TC Interop test data (TIP persona)

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - CTI TC Interop test data (TMS persona)

ubertaxii

certain_players_want_a_pony

2.0

ÜberTAXII - CTI TC Interop test data (all)

ubertaxii

certain_players_want_a_pony

2.0

IBM XForce makes STIX2 data available but requires creating an individual account

(account required)

STIX 2.0, TAXII 1.1

MITRE CTI makes STIX2 data available for ATT&CK and CAPEC

(unauthenticated)

2.0

CIRCL makes STIX2 OSINT data available (vanilla HTTP, not TAXII-based)

(unauthenticated)

STIX 2.0, no TAXII

artwork

Other Misc.

This wiki is powered by MoinMoin.

FrontPage (last edited 2018-08-21 16:06:06 by trey)