{"id":13510746,"url":"https://github.com/yeti-platform/yeti","last_synced_at":"2025-05-14T04:10:22.094Z","repository":{"id":37664780,"uuid":"47927876","full_name":"yeti-platform/yeti","owner":"yeti-platform","description":"Your Everyday Threat Intelligence","archived":false,"fork":false,"pushed_at":"2025-05-01T22:27:42.000Z","size":36353,"stargazers_count":1846,"open_issues_count":38,"forks_count":299,"subscribers_count":101,"default_branch":"main","last_synced_at":"2025-05-01T22:31:16.504Z","etag":null,"topics":["dfir","enrichment","infosec","intelligence","threat-hunting","threat-sharing","threatintel"],"latest_commit_sha":null,"homepage":"https://yeti-platform.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yeti-platform.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2015-12-13T16:54:26.000Z","updated_at":"2025-04-30T17:49:10.000Z","dependencies_parsed_at":"2024-05-17T16:37:53.363Z","dependency_job_id":"79483e6b-56e7-4167-bb75-678818d33ba1","html_url":"https://github.com/yeti-platform/yeti","commit_stats":null,"previous_names":[],"tags_count":41,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fyeti","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fyeti/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fyeti/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yeti-platform%2Fyeti/ma
nifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yeti-platform","download_url":"https://codeload.github.com/yeti-platform/yeti/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254070112,"owners_count":22009559,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dfir","enrichment","infosec","intelligence","threat-hunting","threat-sharing","threatintel"],"created_at":"2024-08-01T02:01:52.699Z","updated_at":"2025-05-14T04:10:17.072Z","avatar_url":"https://github.com/yeti-platform.png","language":"Python","readme":"# Yeti Platform\n\nYeti aims to bridge the gap between CTI and DFIR practitioners by providing a\nForensics Intelligence platform and pipeline for DFIR teams. It was born out of frustration\nof having to answer the question \"where have I seen this artifact before?\" or\n\"how do I search for IOCs related to this threat (or all threats?) 
in my timeline?\"\n\nDocumentation links:\n\n* Main website: https://yeti-platform.io/\n* [Documentation](https://yeti-platform.io/docs)\n* [Guides](https://yeti-platform.io/guides)\n\n![](https://yeti-platform.io/logo.png)\n\n## What is Yeti?\n\nIn a nutshell, Yeti allows you to:\n\n- Bulk search observables and get a pretty good guess on the nature of the\n  threat, and how to find it on a system.\n- Inversely, focus on a threat and quickly list all TTPs, malware, and related\n  DFIR artifacts.\n- Let CTI analysts focus on adding intelligence rather than worrying about\n  machine-readable export formats.\n- Incorporate your own data sources, analytics, and logic very easily.\n\nThis is done by:\n\n- Storing technical and tactical CTI (observables, TTPs, campaigns, etc.) from\n  internal or external systems.\n- Being a backend for DFIR-related queries: Yara signatures, Sigma rules, DFIQ.\n- Providing a web API to automate queries (think incident management platform)\n  and enrichment (think malware sandbox).\n- Exporting the data in user-defined formats so that they can be ingested by\n  third-party applications (SIEM, DFIR platforms).\n\n## Some screenshots\n\n![](https://yeti-platform.io/scattered.png)\n\n![](https://yeti-platform.io/attack.png)\n\n![](https://yeti-platform.io/vuln.png)\n\n![](https://yeti-platform.io/intrusionset.png)\n","funding_links":[],"categories":["Open Source Threat Intelligence","Python","\u003ca id=\"f56806b5b229bdf6c118f5fb1092e141\"\u003e\u003c/a\u003e威胁情报","Tools","Python (1887)","Open Source Platforms \u0026 Frameworks","threat-hunting","Blue Team","THREAT INTEL"],"sub_categories":["Other Resources","\u003ca id=\"8fd1f0cfde78168c88fc448af9c6f20f\"\u003e\u003c/a\u003e未分类-ThreatIntelligence","Threat 
Hunting"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyeti-platform%2Fyeti","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyeti-platform%2Fyeti","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyeti-platform%2Fyeti/lists"}