OneMillion API

November 23, 2018 - API to check if a domain is in a list of the one million most visited domains.

Playbook Friday Blogs

October 24, 2018 - Some of my playbooks were featured in ThreatConnect's playbook Friday blogs.

ThreatConnect Open-Source Resources Site

August 16, 2018 - A site listing ThreatConnect's open-source resources.

ThreatConnect DoubleCheck

August 6, 2018 - Library for testing and validating the contents and structure of data in ThreatConnect.

Indicator of Compromise Utility Library

July 30, 2018 - Helpful functions for working with indicators of compromise.

Angular2+ Indicator of Compromise Parser

June 1, 2018 - Angular2+ service for parsing indicators of compromise from text.

Indicator of Compromise Finder

February 5, 2018 - Python package to find Indicators-of-Compromise in text.

XN-Twist

November 5, 2017 - Algorithm and classification system to identify and monitor Unicode domain squats which may used to target an organization.

Indicator of Compromise Fanging/Defanging Library

October 5, 2017 - Standardizing the way indicators are fanged and defanged.

Robtex Python SDK

September 19, 2017 - Python wrapper for the Robtex API.

OneMillion

April 5, 2017 - Check if a domain is in the Alexa or Cisco one million domain lists.

Magento Malware Investigation

December 11, 2016 - Investigation of a magento malware compromise.