OneMillion API
API to check if a domain is in a list of the one million most visited domains.
Playbook Friday Blogs
Some of my playbooks were featured in ThreatConnect's playbook Friday blogs.
ThreatConnect Open-Source Resources Site
A site listing ThreatConnect's open-source resources.
ThreatConnect DoubleCheck
Library for testing and validating the contents and structure of data in ThreatConnect.
Indicator of Compromise Utility Library
Helpful functions for working with indicators of compromise.
Angular2+ Indicator of Compromise Parser
Angular2+ service for parsing indicators of compromise from text.
Indicator of Compromise Finder
Python package to find Indicators-of-Compromise in text.
XN-Twist
Algorithm and classification system to identify and monitor Unicode domain squats which may used to target an organization.
Indicator of Compromise Fanging/Defanging Library
Standardizing the way indicators are fanged and defanged.
Robtex Python SDK
Python wrapper for the Robtex API.
OneMillion
Check if a domain is in the Alexa or Cisco one million domain lists.
Magento Malware Investigation
Investigation of a magento malware compromise.