Community driven repository of Playbooks and Apps for ThreatConnect.

ThreatConnect Exchange App Framework

ThreatConnect Developer Documentation: https://docs.threatconnect.com/

Cuckoo reporting module for version 1.2 stable

Sublime Text snippets for writing scripts in less than 60 seconds that use ThreatConnect's Python SDK.

ThreatConnect playbook checking if a URL has been archived in the wayback machine.

Web app to calculate "indicators of compromise" confidence deprecation timelines (used with threat intel platforms such as ThreatConnect).

ThreatConnect playbook to read a Google Alerts RSS feed and create indicators from the links.

A tool for publishing Abnormal email threat intelligence to ThreatConnect

Sublime Text snippets for writing scripts that use ThreatConnect's TCEX module.

ThreatConnect Playbook app for reading the contents of a PDF.

Helpful paradigms and constructs for creating effective and maintainable ThreatConnect Playbooks: https://pb-constructs.hightower.space/playbooks/

ThreatConnect Exchange App Framework Templates

A script to create every available object in ThreatConnect.

Miscellaneous stuff

Structured import for humans (written in JavaScript).

Cookiecutter template for quickly creating quality spaces apps for ThreatConnect.

Cookiecutter template for quickly making quality spaces apps for ThreatConnect.

A cookiecutter template for quickly creating a ThreatConnect Exchange app.

Userscript for ThreatConnect - enhancements, and backing up config, follows data