[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-75756":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":9,"totalLinesOfCode":9,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":9,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":9,"rankLanguage":9,"license":9,"archived":22,"fork":22,"defaultBranch":23,"hasWiki":22,"hasPages":22,"topics":24,"createdAt":9,"pushedAt":9,"updatedAt":32,"readmeContent":33,"aiSummary":34,"trendingCount":16,"starSnapshotCount":16,"syncStatus":35,"lastSyncTime":36,"discoverSource":37},75756,"opencti","OpenCTI-Platform\u002Fopencti","OpenCTI-Platform","Open Cyber Threat Intelligence Platform",null,"https:\u002F\u002Fgithub.com\u002FOpenCTI-Platform\u002Fopencti","TypeScript",9532,1372,150,1779,0,19,43,217,57,40.41,false,"main",[25,26,27,28,29,30,31],"cyber","cti","threat-intelligence","security","intelligence","osint","cybersecurity","2026-06-12 02:03:35","\u003Ch1 align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fopencti.io\">\u003Cimg src=\".\u002F.github\u002Fimg\u002Flogo_opencti.png\" alt=\"OpenCTI\">\u003C\u002Fa>\n\u003C\u002Fh1>\n\u003Cp align=\"center\">\n  \u003Ca href=\"https:\u002F\u002Fopencti.io\" alt=\"Website\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fwebsite-opencti.io-blue.svg\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fdocs.opencti.io\" alt=\"Documentation\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fdocumentation-latest-orange.svg\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fcommunity.filigran.io\" alt=\"Slack\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fslack-3K%2B%20members-4A154B\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fdrone.filigran.io\u002FOpenCTI-Platform\u002Fopencti\">\u003Cimg src=\"https:\u002F\u002Fdrone.filigran.io\u002Fapi\u002Fbadges\u002FOpenCTI-Platform\u002Fopencti\u002Fstatus.svg\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fcodecov.io\u002Fgh\u002FOpenCTI-Platform\u002Fopencti\">\u003Cimg src=\"https:\u002F\u002Fcodecov.io\u002Fgh\u002FOpenCTI-Platform\u002Fopencti\u002Fgraph\u002Fbadge.svg\" \u002F>\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fdeepscan.io\u002Fdashboard#view=project&tid=4926&pid=6716&bid=57311\">\u003Cimg src=\"https:\u002F\u002Fdeepscan.io\u002Fapi\u002Fteams\u002F4926\u002Fprojects\u002F6716\u002Fbranches\u002F57311\u002Fbadge\u002Fgrade.svg\" alt=\"DeepScan grade\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Frenovatebot.com\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Frenovate-enabled-brightgreen.svg\" alt=\"DeepScan grade\">\u003C\u002Fa>\n  \u003Ca href=\"https:\u002F\u002Fhub.docker.com\u002Fu\u002Fopencti\" alt=\"Docker pulls\">\u003Cimg src=\"https:\u002F\u002Fimg.shields.io\u002Fdocker\u002Fpulls\u002Fopencti\u002Fplatform\" \u002F>\u003C\u002Fa>\n\u003C\u002Fp>\n\n## Introduction\n\nOpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.\n\nThe structuration of the data is performed using a knowledge schema based on the [STIX2 standards](https:\u002F\u002Foasis-open.github.io\u002Fcti-documentation\u002F). It has been designed as a modern web application including a [GraphQL API](https:\u002F\u002Fgraphql.org) and an UX oriented frontend. Also, OpenCTI can be integrated with other tools and applications such as [MISP](https:\u002F\u002Fgithub.com\u002FMISP\u002FMISP), [TheHive](https:\u002F\u002Fgithub.com\u002FTheHive-Project\u002FTheHive), [MITRE ATT&CK](https:\u002F\u002Fgithub.com\u002Fmitre\u002Fcti), etc.\n\n![Screenshot](.\u002F.github\u002Fimg\u002Fscreenshot.png \"Screenshot\")\n\n## Objective\n\nThe goal is to create a comprehensive tool allowing users to capitalize technical (such as TTPs and observables) and non-technical information (such as suggested attribution, victimology etc.) while linking each piece of information to its primary source (a report, a MISP event, etc.), with features such as links between each information, first and last seen dates, levels of confidence, etc. The tool is able to use the [MITRE ATT&CK framework](https:\u002F\u002Fattack.mitre.org) (through a [dedicated connector](https:\u002F\u002Fgithub.com\u002FOpenCTI-Platform\u002Fconnectors)) to help structure the data. The user can also choose to implement their own datasets.\n\nOnce data has been capitalized and processed by the analysts within OpenCTI, new relations may be inferred from existing ones to facilitate the understanding and the representation of this information. This allows the user to extract and leverage meaningful knowledge from the raw data.\n\nOpenCTI not only allows [imports](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fusage\u002Fimport-automated\u002F) but also [exports of data](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fusage\u002Ffeeds\u002F) under different formats (CSV, STIX2 bundles, etc.). [Connectors](https:\u002F\u002Fhub.filigran.io\u002Fcybersecurity-solutions\u002Fopen-cti-integrations) are currently developed to accelerate interactions between the tool and other platforms.\n\n## Editions of the platform\n\nOpenCTI platform has 2 different editions: Community (CE) and Enterprise (EE). The purpose of the Enterprise Edition is to provide [additional and powerful features](https:\u002F\u002Ffiligran.io\u002Foffering\u002Fsubscribe) which require specific investments in research and development. You can enable the Enterprise Edition directly in the settings of the platform.\n\n* OpenCTI Community Edition, licensed under the [Apache 2, Version 2.0 license](LICENSE).\n* OpenCTI Enterprise Edition, licensed under the [Enterprise Edition license](LICENSE).\n\nTo understand what OpenCTI Enterprise Edition brings in terms of features, just check the [Enterprise Editions page](https:\u002F\u002Ffiligran.io\u002Foffering\u002Fsubscribe) on the Filigran website. You can also try this edition by enabling it in the settings of the platform.\n\n## Documentation and demonstration\n\nIf you want to know more on OpenCTI, you can read the [documentation on the tool](https:\u002F\u002Fdocs.opencti.io). If you wish to discover how the OpenCTI platform is working, a [demonstration instance](https:\u002F\u002Fdemo.opencti.io) is available and open to everyone. This instance is reset every night and is based on reference data maintained by the OpenCTI developers.\n\n## Releases download\n\nThe releases are available on the [Github releases page](https:\u002F\u002Fgithub.com\u002FOpenCTI-Platform\u002Fopencti\u002Freleases). You can also access the [rolling release package](https:\u002F\u002Freleases.opencti.io) generated from the master branch of the repository.\n\n## Installation\n\nAll you need to install the OpenCTI platform can be found in the [official documentation](https:\u002F\u002Fdocs.opencti.io). For installation, you can:\n\n* [Use Docker](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fdeployment\u002Finstallation\u002F#using-docker)\n* [Install manually](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fdeployment\u002Finstallation\u002F#install-manually)\n* [Use Terraform (community)](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fdeployment\u002Finstallation\u002F#terraform)\n* [Use Helm charts (community)](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fdeployment\u002Finstallation\u002F#helm-charts)\n\n## Contributing\n\n### Code of Conduct\n\nOpenCTI has adopted a [Code of Conduct](CODE_OF_CONDUCT.md) that we expect project participants to adhere to. Please read the [full text](CODE_OF_CONDUCT.md) so that you can understand what actions will and will not be tolerated.\n\n### Contributing Guide\n\nRead our [contributing guide](CONTRIBUTING.md) to learn about our development process, how to propose bugfixes and improvements, and how to build and test your changes to OpenCTI.\n\n### Beginner friendly issues\n\nTo help you get you familiar with our contribution process, we have a list of [beginner friendly issues](https:\u002F\u002Fgithub.com\u002FOpenCTI-Platform\u002Fopencti\u002Flabels\u002Fbeginner%20friendly%20issue) which are fairly easy to implement. This is a great place to get started.\n\n### Development\n\nIf you want to actively help OpenCTI, we created a [dedicated documentation](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Fdevelopment\u002Fenvironment_ubuntu\u002F) about the deployment of a development environment and how to start the source code modification.\n\n## Community\n\n### Status & bugs\n\nCurrently OpenCTI is under heavy development, if you wish to report bugs or ask for new features, you can directly use the [Github issues module](https:\u002F\u002Fgithub.com\u002FOpenCTI-Platform\u002Fopencti\u002Fissues).\n\n### Discussion\n\nIf you need support or you wish to engage a discussion about the OpenCTI platform, feel free to join us on our [Slack channel](https:\u002F\u002Fcommunity.filigran.io). You can also send us an email to contact@filigran.io.\n\n## About\n\n### Authors\n\nOpenCTI is a product designed and developed by the company [Filigran](https:\u002F\u002Ffiligran.io).\n\n\u003Ca href=\"https:\u002F\u002Ffiligran.io\" alt=\"Filigran\">\u003Cimg src=\".\u002F.github\u002Fimg\u002Flogo_filigran.png\" width=\"300\" \u002F>\u003C\u002Fa>\n\n### Data Collection\n\n#### Usage telemetry\n\nTo improve the features and the performances of OpenCTI, the platform collects anonymous statistical data related to its usage and health.\n\nYou can find all the details on collected data and associated usage in the [usage telemetry documentation](https:\u002F\u002Fdocs.opencti.io\u002Flatest\u002Freference\u002Fusage-telemetry\u002F).\n\n#### OpenStreetMap server\n\nTo provide OpenCTI users with cartography features, the platform uses a dedicated OpenStreetMap server (https:\u002F\u002Fmap.opencti.io). To monitor usage and adapt services performances, Filigran collects access log to this server (including IP addresses).\n\nBy using this server, you authorize Filigran to collect this information. Otherwise, you are free to deploy your own OpenStreetMap server and modify the platform configuration accordingly.\n\nIf you have started using the Filigran server and change your mind, you have the right to access, limit, rectify, erase and receive your data. To exercise your rights, please send your request to privacy@filigran.io.\n","OpenCTI是一个开源的网络威胁情报管理平台，旨在帮助组织结构化、存储、组织和可视化技术及非技术性的网络威胁信息。该项目基于STIX2标准构建数据结构，并采用现代Web应用架构，包括GraphQL API和用户友好的前端界面。它支持与其他工具如MISP、TheHive以及MITRE ATT&CK框架集成，增强了其功能性和实用性。适用于需要对网络安全威胁进行系统化管理和分析的企业或机构，特别是那些希望提高威胁情报处理效率并加强内部协作的团队。",2,"2026-06-11 03:53:15","trending"]