An awesome collection of indicators of compromise (and a few IOC-related tools).
- 0x27/linux.mirai - Leaked Linux.Mirai Source Code for Research/IoC Development Purposes
- Neo23x0/signature-base - Signature base for my scanner tools
- aptnotes/data - APTnotes data
- botherder/targetedthreats - Collection of IOCs related to targeting of civil society
- circl/osint-feed - Open Source Intelligence for MISP
- citizenlab/malware-indicators - Citizen Lab Malware Reports
- da667/667s_Shitlist - Hi kids, do you like cyber violence? Wanna see me destroy evil in the blink of an eyelid?
- eset/malware-ioc - Indicators of Compromises (IOC) of our various investigations
- fireeye/iocs - FireEye Publicly Shared Indicators of Compromise (IOCs)
- jasonmiacono/IOCs - Indicators of compromise for threat intelligence
- makflwana/IOCs-in-CSV-format - The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research
- pan-unit42/iocs - Indicators from Unit 42 Public Reports
- Snort Downloads - Signatures for the Snort (& Suricata) Intrusion Detection System
- kingtuna/Signatures - A mixture of snort and suricata signatures
- 0pc0deFR/YaraRules - Multiple rules for yara-project to detect compiler/packer/protector
- citizenlab/malware-signatures - Yara rules for malware families seen as part of targeted threats project
- kevthehermit/YaraRules - My Yara Rules Collection
- OALabs/iocs - Machine-digestible malware indicators.
- x64dbg/yarasigs - Various Yara signatures (possibly to be included in a release later).
- Yara-Rules/rules - Repository of yara rules.
- InQuest/yara-rules - A collection of Yara rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
- yahoo/PyIOCe - Python IOC Editor
- mandiant/ioc_writer - Provide a python library that allows for basic creation and editing of OpenIOC objects.
- Neo23x0/yarGen - yarGen is a generator for YARA rules
- InQuest/iocextract - Advanced Indicator of Compromise (IOC) extractor.
- mandiant/OpenIOC_1.1 - This repository contains a revised schema, iocterms file, and other supporting documents which are the basis for a draft of a revised version of OpenIOC that we are calling OpenIOC 1.1.
- MISP Malware Information Sharing Platform & Threat Sharing format - Specifications used in the MISP project including MISP core format
- Mitre Cyber Observable eXpression (CybOX™) - This site contains archived CybOX documentation.
- Mitre Malware Attribute Enumeration and Characterization (MAEC™) - A schema for understanding malware.
- Mitre Structured Threat Information eXpression (STIX™) - A structured language for cyber threat intelligence
- Yara - The pattern matching swiss knife for malware researchers (and everyone else)
This content uses the CC0 1.0 Universal (CC0 1.0) Public Domain Dedication license.