The knowledge base includes all the references to software and components included in MeliCERTes. As the MeliCERTes CSP is composed of various projects, this repository gives easy access to the documentation available for users, developers and contributors of the MeliCERTes CSP project.
Cerebrate is the central component of the MeliCERTes ecosystem, providing directory services, meta-information related to information sharing, and orchestration services for the local tools it interconnects with. All of the local tool components of MeliCERTes are autonomous and can work without Cerebrate, with the latter providing services to facilitate the management and configuration of the connected tools. The architecture provides a high level of resilience without sacrificing each organisation's ability to pick and choose the components it wishes to run based on its specific needs.
Official link | cerebrate |
Description | The Cerebrate Sync Platform core software. Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other security tools. |
Install Documentation | INSTALL |
Hardware Requirements | Requirements |
User Documentation | |
FAQ | |
Issues | Cerebrate Issues |
Training materials | Cerebrate Training Materials |
Virtual Image |
Official link | MISP |
Description | MISP (core software) - Open Source Threat Intelligence and Sharing Platform (formerly known as Malware Information Sharing Platform) |
Install Documentation | INSTALL |
Hardware Requirements | Requirements |
User Documentation | misp-book |
FAQ | FAQ |
Issues | MISP Issues |
Training materials | MISP Training Materials |
Virtual Image | MISP VM |
Security Reporting and Issues | security |
Official link | IntelMQ |
Description | IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol. |
Install Documentation | https://intelmq.readthedocs.io/en/latest/user/installation.html |
Hardware Requirements | Requirements |
User Documentation | https://intelmq.readthedocs.io/en/latest/#user-guide |
FAQ | https://intelmq.readthedocs.io/en/latest/user/FAQ.html |
Issues | https://github.com/certtools/intelmq/issues |
Training materials | https://github.com/certtools/intelmq-tutorial/ |
Virtual Image | |
Security Reporting and Issues | Security |
Official link | MWDB Core |
Description | Malware repository component for automated malware collection/analysis systems. |
Install Documentation | https://mwdb.readthedocs.io/en/latest/setup-and-configuration.html |
User Documentation | https://mwdb.readthedocs.io/en/latest/user-guide/index.html |
FAQ | - |
Issues | https://github.com/CERT-Polska/mwdb-core/issues |
Training materials | https://www.first.org/events/training/ws-mar-apr2021/#pBuild-Your-Own-Malware-Analysis-Pipeline-Using-New-Open-Source-Tools |
Virtual Image | - |
Security Reporting and Issues | - |
Official link | Karton |
Description | Distributed malware processing framework based on Python, Redis and MinIO. |
Install Documentation | https://karton-core.readthedocs.io/en/latest/getting_started.html |
User Documentation | https://karton-core.readthedocs.io/ |
FAQ | - |
Issues | https://github.com/CERT-Polska/karton/issues |
Training materials | https://www.first.org/events/training/ws-mar-apr2021/#pBuild-Your-Own-Malware-Analysis-Pipeline-Using-New-Open-Source-Tools |
Virtual Image | - |
Security Reporting and Issues | - |
Official link | AIL Project |
Description | AIL Project is an open source framework composed of different modules to collect, crawl, dig and analyse unstructured data. AIL includes an extensible Python-based framework for analysis of unstructured information collected via an advanced Crawler manager (such as Tor hidden services) or from different feeders (such as Twitter, Discord, Telegram Stream providers) or custom feeders. |
Install Documentation | INSTALL |
Hardware Requirements | |
User Documentation | |
FAQ | |
Issues | AIL Project issues |
Training materials | AIL training materials |
Virtual Image | |
Security Reporting and Issues | security |
Official link | Taranis NG |
Description | Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows OSINT gathering, analysis and reporting; team-to-team collaboration; and contains a user portal for simple self asset management. |
Install Documentation | INSTALL |
Hardware Requirements | Requirements |
User Documentation | - |
FAQ | - |
Issues | Taranis NG issues |
Training materials | - |
Virtual Image | - |
Security Reporting and Issues | security |