{"id":19883658,"url":"https://github.com/muchdogesec/feeds2stix","last_synced_at":"2025-03-01T03:25:29.742Z","repository":{"id":248128742,"uuid":"827361576","full_name":"muchdogesec/feeds2stix","owner":"muchdogesec","description":"A set of scripts that take data from threat intelligence feeds and converts it into STIX 2.1 objects.","archived":false,"fork":false,"pushed_at":"2024-09-04T09:42:58.000Z","size":12094,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-11T18:33:28.826Z","etag":null,"topics":["stix2","threat-intelligence"],"latest_commit_sha":null,"homepage":"https://www.dogesec.com/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/muchdogesec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-11T13:59:51.000Z","updated_at":"2024-12-27T06:55:54.000Z","dependencies_parsed_at":"2024-07-12T15:52:22.099Z","dependency_job_id":"7f196a49-c1cb-497c-aa80-3d1b7b9cd7d5","html_url":"https://github.com/muchdogesec/feeds2stix","commit_stats":null,"previous_names":["muchdogesec/feeds2stix"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchdogesec%2Ffeeds2stix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchdogesec%2Ffeeds2stix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchdogesec%2Ffeeds2stix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/muchdogesec%2Ffeeds2stix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/muchdogesec","download_url":"https://codeload.github.com/muchdogesec/feeds2stix/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241312445,"owners_count":19942369,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["stix2","threat-intelligence"],"created_at":"2024-11-12T17:21:51.258Z","updated_at":"2025-03-01T03:25:29.725Z","avatar_url":"https://github.com/muchdogesec.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# feeds2stix\n\n## Overview\n\n![](processors/abuse_ch/sslipblacklist_aggressive/sslipblacklist_aggressive.png)\n\nA set of scripts that take data from threat intelligence feeds and convert them it into STIX 2.1 objects.\n\nThe aim of this repository is to demonstrate how easy it is for anyone to get structured cyber threat intelligence as STIX 2.1 objects into downstream tools.\n\nWe mainly use this repository to generate real examples we can use to test our other tooling. All content in this repo should be considered at proof-of-concept\n\n## Structure of this repository\n\nThe key parts of this repository are structured as follows;\n\n```txt\n.\n├── processors/\n│   ├── producer1/\n│   │\t├── README.md # describes the mapping of the feed.py files\n│   │\t├── feed1.py\n│   │   └── feed2.py\n│   └── producer2/\n│    \t├── README.md\n│    \t└── feed1.py \n└── bundles/ # will only exist after one script has been run\n    ├── producer1/\n    │\t├── feed1\n    │\t│\t├── bundle1.json # multiple bundles can be produced for a single feed (e.g. seperated by threat actor)\n    │\t│\t└── bundle2.json\n    │\t└── feed2\n    │\t\t├── bundle1.json\n    │\t\t└── bundle2.json\n    └── producer2/\n     \t└── feed1\n    \t\t└── bundle1.json\n```\n\nThe `processors` directory contains the scripts that generate the data. These scripts output the data they create into the `bundles` directory (this directory will only exist once you run one of the processor scripts).\n\nTo give you can idea of what the data for each script looks like, we've included an `examples` directory containing output bundles in the respective producers `processors` directory.\n\n## Adding new processors\n\nInstalling the script;\n\n```shell\n# clone the latest code\ngit clone https://github.com/muchdogesec/feeds2stix\n# create a venv\ncd feeds2stix\npython3 -m venv feeds2stix-venv\nsource feeds2stix-venv/bin/activate\n# install requirements\npip3 install -r requirements.txt\n```\n\nTODO\n\n## Useful supporting tools\n\n* [This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.](https://github.com/Bert-JanP/Open-Source-Threat-Intel-Feeds)\n\n## Support\n\n[Minimal support provided via the DOGESEC community](https://community.dogesec.com/).\n\n## License\n\n[Apache 2.0](/LICENSE).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuchdogesec%2Ffeeds2stix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmuchdogesec%2Ffeeds2stix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmuchdogesec%2Ffeeds2stix/lists"}