{"id":13540098,"url":"https://github.com/certtools/intelmq","last_synced_at":"2025-04-02T06:32:08.109Z","repository":{"id":18093900,"uuid":"21160389","full_name":"certtools/intelmq","owner":"certtools","description":"IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.","archived":false,"fork":false,"pushed_at":"2024-05-10T10:29:28.000Z","size":30800,"stargazers_count":940,"open_issues_count":204,"forks_count":294,"subscribers_count":75,"default_branch":"develop","last_synced_at":"2024-05-21T12:56:49.891Z","etag":null,"topics":["alerts","automation","cert","csirt","cybersecurity","feeds","handling","ihap","incident","incident-response","intelligence","ioc","malware","phishing","python","threat"],"latest_commit_sha":null,"homepage":"https://docs.intelmq.org/latest/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/certtools.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2014-06-24T10:11:39.000Z","updated_at":"2024-05-20T17:12:56.000Z","dependencies_parsed_at":"2024-01-13T10:12:39.833Z","dependency_job_id":"7d2f0967-a0ec-40a4-a518-e56f01bd9a80","html_url":"https://github.com/certtools/intelmq","commit_stats":{"total_commits":6054,"total_committers":141,"mean_commits":42.93617021276596,"dds":0.6133135117277833,"last_synced_commit":"a0c0ce59cb12034ee6d3c8da3b4cd19f1825ad1b"},"previous_names":[],"tags_count":69,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/rep
ositories/certtools%2Fintelmq","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/certtools%2Fintelmq/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/certtools%2Fintelmq/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/certtools%2Fintelmq/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/certtools","download_url":"https://codeload.github.com/certtools/intelmq/tar.gz/refs/heads/develop","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246768363,"owners_count":20830653,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alerts","automation","cert","csirt","cybersecurity","feeds","handling","ihap","incident","incident-response","intelligence","ioc","malware","phishing","python","threat"],"created_at":"2024-08-01T09:01:40.255Z","updated_at":"2025-04-02T06:32:03.099Z","avatar_url":"https://github.com/certtools.png","language":"Python","readme":"\u003c!-- comment\n   SPDX-FileCopyrightText: 2015-2023 Sebastian Wagner, Filip Pokorný\n   SPDX-License-Identifier: AGPL-3.0-or-later\n--\u003e\n\n\u003c!--\n[![CII Badge](https://bestpractices.coreinfrastructure.org/projects/4186/badge)](https://bestpractices.coreinfrastructure.org/projects/4186/)\n--\u003e\n\n![IntelMQ](docs/static/images/Logo_Intel_MQ.svg)\n\n\n# Introduction\n\n**IntelMQ** is a solution for IT security teams (CERTs \u0026 CSIRTs, SOCs,\nabuse departments, etc.) for collecting and processing security feeds\n(such as log files) using a message queuing protocol. 
It's a community-driven\ninitiative called **IHAP**[^1] (Incident Handling Automation Project)\nwhich was conceptually designed by European CERTs/CSIRTs during several\nInfoSec events. Its main goal is to give incident responders an easy\nway to collect \u0026 process threat intelligence, thus improving the incident\nhandling processes of CERTs.\n\nIntelMQ is frequently used for:\n\n- automated incident handling\n- situational awareness\n- automated notifications\n- as a data collector for other tools\n- and more!\n\nThe design was influenced by\n[AbuseHelper](https://github.com/abusesa/abusehelper); however, it was\nrewritten from scratch and aims at:\n\n-   Reducing the complexity of system administration\n-   Reducing the complexity of writing new bots for new data feeds\n-   Reducing the probability of losing events anywhere in the process through persistence functionality (even on a system crash)\n-   Using and improving the existing Data Harmonization Ontology\n-   Using JSON format for all messages\n-   Providing an easy way to store data into databases and log collectors such as PostgreSQL, Elasticsearch and Splunk\n-   Providing an easy way to create your own black-lists\n-   Providing easy communication with other systems via HTTP RESTful API\n\nIt adheres to the following basic meta-guidelines:\n\n-   Don't break simplicity - KISS\n-   Keep it open source - forever\n-   Strive for perfection while keeping a deadline\n-   Reduce complexity/avoid feature bloat\n-   Embrace unit testing\n-   Code readability: test with inexperienced programmers\n-   Communicate clearly\n\n## Contribute\n\n- Subscribe to the [IntelMQ Developers mailing list](https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev) and engage in discussions\n- Report any errors and suggest improvements via [issues](https://github.com/certtools/intelmq/issues)\n- Read the Developer Guide and open a [pull request](https://github.com/certtools/intelmq/pulls)\n\n[^1]: [Incident Handling Automation 
Project](https://www.enisa.europa.eu/activities/cert/support/incident-handling-automation), mailing list: ihap@lists.trusted-introducer.org\n\n\n![CEF](https://ec.europa.eu/inea/sites/default/files/ceflogos/en_horizontal_cef_logo_2.png)\n","funding_links":[],"categories":["\u003ca id=\"569887799ee0148230cc5d7bf98e96d0\"\u003e\u003c/a\u003e未分类-Assist","\u003ca id=\"43b0310ac54c147a62c545a2b0f4bce2\"\u003e\u003c/a\u003e辅助周边","Challenges","Tools","Open Source Platforms \u0026 Frameworks","Python"],"sub_categories":["\u003ca id=\"776c034543a65be69c061d1aafce3127\"\u003e\u003c/a\u003e新添加的","\u003ca id=\"569887799ee0148230cc5d7bf98e96d0\"\u003e\u003c/a\u003e未分类","Frameworks"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcerttools%2Fintelmq","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcerttools%2Fintelmq","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcerttools%2Fintelmq/lists"}