Skip to content
This repository has been archived by the owner on Jan 13, 2021. It is now read-only.
/ yaTCc Public archive

"Yet another ThreatConnect client" ("Yah-tzee"). A simple, barebones, CTI data-focused ThreatConnect API client.

Notifications You must be signed in to change notification settings

wesinator/yaTCc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 

Repository files navigation

yaTCc (Yah-tzee): yet another ThreatConnect client

A saner, simple, cyber threat intel (CTI) focused python API client for ThreatConnect, built for CTI analysts with an emphasis on data retrieval.

Why another, unofficial client?

You may be wondering why make another client? (https://xkcd.com/927/)

I wanted to focus on basic data retrieval/creation (indicators/observables and intel groupings), with a simple, easy-to-use client interface that allows users to focus on the data and the "problem" they are trying to solve (or "questions" they are asking), without having to get bogged down in API or implementation intricacies.

I also wanted something that would actually add fields to the original TC group data to make it more useful and consumable with other formats, fixing TC specific conventions that aren't standard and adding new useful fields.

The only currently supported official Python client for ThreatConnect, tcex, is designed more as an app framework for TC playbook apps and orchestration, not as a general, simple API client interface focused on the data.

I wanted a client library that is easier to use and more intuitive, without layers of implementation abstraction to be understood.

About

"Yet another ThreatConnect client" ("Yah-tzee"). A simple, barebones, CTI data-focused ThreatConnect API client.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages