Tooling Directory

The tooling directory lists tools (such as open source software) that are developed and/or used by CSIRTs within the scope of the CSIRTs network. The directory is split into 3 categories: open source tools developed and maintained by the CSIRTs, public online services provided by the CSIRTs, and open source tools used.

The goal is to provide an overview of all the tools available and used within the CSIRTs network.

Open Source Tools Developed, Maintained and Used by members of the CSIRTs network

| Software | CSIRT lead | Location |
|---|---|---|
| MISP | CIRCL | https://www.misp-project.org/ |
| AIL | CIRCL | https://github.com/CIRCL/AIL-framework |
| BGP Ranking | CIRCL | https://github.com/D4-project/BGP-Ranking |
| cve-search | CIRCL | https://github.com/cve-search/ |
| IntelMQ | CERT.at | https://github.com/certtools/intelmq |
| FollowTcpStream | CERT.at | https://github.com/certat/FollowTcpStream |
| n6 | CERT.pl | https://github.com/CERT-Polska/n6 |
| TheHive | BDF CERT/CERT-EU | https://github.com/TheHive-Project/TheHive |
| Cortex | BDF CERT/CERT-EU | https://github.com/TheHive-Project/Cortex-Analyzers/ |
| eml-parser | GOVCERT.LU | https://github.com/GOVCERT-LU/eml_parser |
| GCNotify | GOVCERT.LU | https://github.com/GOVCERT-LU/GCNotify |
| bmc-tools | ANSSI-FR | https://github.com/ANSSI-FR/bmc-tools |
| bootcode-parser | ANSSI-FR | https://github.com/ANSSI-FR/bootcode_parser |
| bits-parser | ANSSI-FR | https://github.com/ANSSI-FR/bits_parser |
| AD-control-paths | ANSSI-FR | https://github.com/ANSSI-FR/AD-control-paths |
| S4A | CERT-EE | https://github.com/cert-ee/s4a |
| Envelope | CSIRT.cz | https://github.com/CZ-NIC/envelope |
| Convey | CSIRT.cz | https://github.com/CZ-NIC/convey |
| Python RT API | CSIRT.cz | https://github.com/CZ-NIC/python-rt |
| DO Portal (contact management portal) | CERT.eu / CERT.at | https://github.com/certeu/do-portal / https://github.com/certat/do-portal |
| Taranis NG | SK-CERT | https://github.com/SK-CERT/Taranis-NG |

Public Online Services Offered by members of the CSIRTs network

| Service | CSIRT lead | Location |
|---|---|---|
| contacts.cert.at | CERT.at | https://contacts.cert.at/ |
| Cuckoo Sandbox | CERT.EE | https://cuckoo.cert.ee/ |
| CVE Search | CIRCL | https://cve.circl.lu/ |
| LookyLoo (analyse website) | CIRCL | https://lookyloo.circl.lu |
| Pandora (file analysis) | CIRCL | https://pandora.circl.lu/ |
| RPKI Chronicle | CSIRT.cz | https://rpki-chronicle.csirt.cz/ |
| Typosquatting finder | CIRCL | https://typosquatting-finder.circl.lu/ |

Open Source Tools Used by the members of the CSIRTs network

| Software | Provider | Location |
|---|---|---|
| RTIR | BestPractical | https://github.com/bestpractical/rtir |
| IntelMQ Fody | Intevation | https://github.com/Intevation/intelmq-fody |

Contribute

The tooling directory is maintained by the Tooling WG of the CSIRT network. If you want to contribute by extending the list, fixing issues or providing feedback, feel free to open an issue or submit a pull request on this repository.