sayyedkashaf/Threat-Intelligence-Aggregator
# Threat Intelligence Aggregator (Non-AI)
## Project Overview
Threat Intelligence Aggregator is a Python-based cybersecurity project that collects, parses, normalizes, correlates, and organizes Indicators of Compromise (IOCs) from multiple threat intelligence feeds.
The project processes threat intelligence data from different formats, identifies malicious indicators, removes duplicates, assigns severity levels, generates blocklists, and creates a final threat intelligence report.
## Features
- Load IOC feeds from TXT, CSV, and JSON files
- Parse and validate indicators
- Detect:
  - IP Addresses
  - Domains
  - URLs
  - Hashes
  - Emails
- Normalize IOC data
- Remove duplicate indicators
- Correlate repeated indicators
- Assign severity levels
- Generate blocklists
- Create threat intelligence reports
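
The features above form a parse, normalize, deduplicate, correlate and score pipeline. The sketch below is an added example, not the project's own code: the function names, the defanging rules and the severity thresholds are assumptions, and it uses only `re`, `ipaddress` and `collections`.

```python
import ipaddress
import re
from collections import defaultdict
HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}
DOMAIN_RE = re.compile(r"(?=.{1,253}$)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}")
EMAIL_RE = re.compile(r"[a-z0-9._%+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,63}")
URL_RE = re.compile(r"(https?://[^/\s]+)(/\S*)?", re.I)

def refang(raw):
    """Strip whitespace and undo common defanging: hxxp, [.], [at]."""
    return re.sub(r"^hxxp", "http", raw.strip().replace("[.]", ".").replace("[at]", "@"), flags=re.I)

def classify(raw):
    """Return (ioc_type, normalized_value), or None when raw is not a valid IOC."""
    v = refang(raw)
    if m := URL_RE.fullmatch(v):  # lowercase scheme and host only; paths are case-sensitive
        return "url", m.group(1).lower() + (m.group(2) or "")
    v = v.lower()
    if len(v) in HASH_TYPES and re.fullmatch(r"[0-9a-f]+", v):
        return HASH_TYPES[len(v)], v
    try:
        return "ip", str(ipaddress.ip_address(v))  # canonical form, compresses IPv6
    except ValueError:
        pass
    for kind, pattern in (("email", EMAIL_RE), ("domain", DOMAIN_RE)):
        if pattern.fullmatch(v):
            return kind, v
    return None

def severity(n):  # assumed rule: more independent feeds reporting an IOC ranks it higher
    return "high" if n >= 3 else "medium" if n == 2 else "low"

def aggregate(feeds):
    """Map {feed_name: [raw, ...]} to {(type, value): {"sources": [...], "severity": str}}."""
    seen = defaultdict(set)
    for name, entries in feeds.items():
        for raw in entries:
            ioc = classify(raw)
            if ioc:
                seen[ioc].add(name)  # keying on the normalized value deduplicates
    return {ioc: {"sources": sorted(s), "severity": severity(len(s))} for ioc, s in seen.items()}

# Constructed sample feeds (documentation IP range and example.com, not real indicators).
SAMPLE_FEEDS = {
    "feed_a.txt": ["203.0.113.7", "hxxp://Bad.Example[.]com/Payload.exe", "not an ioc"],
    "feed_b.csv": ["203.0.113.7 ", "BAD.example.com", "0123456789abcdef0123456789abcdef"],
    "feed_c.json": ["203.0.113.7", "bad[.]example[.]com", "0123456789ABCDEF0123456789ABCDEF"],
}
```

Normalizing before deduplication is what lets `BAD.example.com` and `bad[.]example[.]com` count as one indicator seen in two feeds rather than two unrelated entries.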
## Technologies Used
- Python 3.14
- VS Code
### Libraries
- os
- json
- csv
- re
- ipaddress
- validators
- collections
- datetime
## Project Structure
Threat_Intelligence_Aggregator/
│
├── feeds/
├── blocklists/
├── reports/
├── screenshots/
│
├── main.py
├── feed_loader.py
├── ioc_parser.py
├── normalizer.py
├── correlation_engine.py
├── blocklist_generator.py
├── report_generator.py