iocs
There are 59 repositories under the iocs topic.
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
teler-sh/teler
Real-time HTTP Intrusion Detection
TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
curated-intel/Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
advanced-threat-research/Yara-Rules
Repository of YARA rules made by Trellix ATR Team
drb-ra/C2IntelFeeds
Automatically created C2 Feeds
TheHive-Project/TheHiveDocs
Documentation of TheHive
mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
InQuest/omnibus
The OSINT Omnibus (beta release)
NewBee119/Ti_Collector
This project collects threat intelligence from publicly available online sources, focusing mainly on reputation-type intelligence (such as IPs and domains) and event-type intelligence.
MalwareSamples/Malware-Feed
Bringing you the best of the worst files on the Internet.
mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
assafmo/xioc
Extract indicators of compromise from text, including "escaped" ones.
fhightower/ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
go-outside-labs/sec-pentesting-toolkit
👾 tools for security researchers: pentesting, CTFs & wargames
fox-it/cobaltstrike-extraneous-space
Historical list of {Cobalt Strike,NanoHTTPD} servers
fox-it/cobaltstrike-beacon-data
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
cert-lv/exchange_webshell_detection
Detect webshells dropped on Microsoft Exchange servers exploited through the "proxylogon" group of vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
lion-gu/ioc-explorer
Explore Indicators of Compromise Automatically
blackberry/threat-research-and-intelligence
BlackBerry Threat Research & Intelligence
Neo23x0/Loki2
LOKI2 - Simple IOC and YARA Scanner
threatlabz/iocs
This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
ioc-fang/ioc-fanger
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
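xioc, ioc-finder and ioc-fanger above all deal with the same two problems: pulling indicators out of prose, and converting between live and defanged forms (hxxp://, [.], [at]). The following is an added example of that logic written for this page, not code from any of those projects; the defang conventions it recognises, the regexes and the file-extension exclusion list are my own assumptions, and the report excerpt is constructed.

```python
"""Extract IOCs from text and convert between live and defanged forms.

Added example, not code from xioc, ioc-finder or ioc-fanger. The defang
conventions, regexes and file-extension exclusions below are assumptions.
"""
import re
from urllib.parse import urlsplit

# Defang conventions recognised (assumed, non-exhaustive set seen in reports).
# Bracketed colon/dot/at are undone first so that hxxp[:]// becomes hxxp://
# before the scheme rule runs.
_REFANG_RULES = [
    (re.compile(r"[\[(](?:\.|dot)[\])]", re.I), "."),   # [.] (.) [dot] (dot)
    (re.compile(r"[\[(]at[\])]", re.I), "@"),            # [at] (at)
    (re.compile(r"\[:\]"), ":"),                          # http[:]//
    (re.compile(r"hxxps?://", re.I),
     lambda m: m.group(0).lower().replace("hxxp", "http")),
]

_IPV4 = re.compile(r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b")
_URL = re.compile(r"\bhttps?://[^\s<>\"')\]]+", re.I)
_EMAIL = re.compile(r"\b[\w.+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,24}\b", re.I)
_DOMAIN = re.compile(r"\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,24}\b", re.I)
_HASHES = {
    "md5": re.compile(r"\b[a-f0-9]{32}\b", re.I),
    "sha1": re.compile(r"\b[a-f0-9]{40}\b", re.I),
    "sha256": re.compile(r"\b[a-f0-9]{64}\b", re.I),
}
# Filenames such as evil.exe look like domains. Assumed short exclusion list;
# a real tool checks the last label against the IANA TLD list instead.
_FILE_EXTS = {"exe", "dll", "bin", "doc", "docx", "pdf", "ps1", "bat", "txt", "lnk"}


def refang(text):
    """Undo defanging so indicators can be parsed (hxxp://x[.]y -> http://x.y)."""
    for pattern, repl in _REFANG_RULES:
        text = pattern.sub(repl, text)
    return text


def defang(ioc):
    """Make one live indicator safe to paste into a ticket or chat."""
    ioc = re.sub(r"^http(?=s?://)", "hxxp", ioc, flags=re.I)
    return ioc.replace(".", "[.]").replace("@", "[at]")


def _looks_like_domain(name):
    tld = name.rsplit(".", 1)[-1].lower()
    return tld not in _FILE_EXTS and not _IPV4.fullmatch(name)


def extract_iocs(text):
    """Return a dict of sorted lists keyed by url, domain, ipv4, email, md5, sha1, sha256."""
    text = refang(text)
    urls = {u.rstrip(".,;:") for u in _URL.findall(text)}
    emails = {e.lower() for e in _EMAIL.findall(text)}
    # Bare domains are searched only in what is left after URLs and emails are
    # removed; their hosts are then added explicitly so nothing is missed.
    remainder = _URL.sub(" ", _EMAIL.sub(" ", text))
    domains = {d.lower() for d in _DOMAIN.findall(remainder)}
    domains |= {h for h in (urlsplit(u).hostname for u in urls) if h}
    domains |= {e.split("@", 1)[1] for e in emails}
    found = {
        "url": urls,
        "domain": {d for d in domains if _looks_like_domain(d)},
        "ipv4": set(_IPV4.findall(text)),
        "email": emails,
    }
    for name, pattern in _HASHES.items():
        found[name] = {h.lower() for h in pattern.findall(text)}
    return {kind: sorted(values) for kind, values in found.items()}


SAMPLE_REPORT = """\
Constructed report excerpt (not a real incident):
The loader was fetched from hxxps://cdn-update[.]example[.]com/dl/stage2.bin
and beaconed to 198[.]51[.]100[.]23 on port 443. The dropper (evil.exe) had
SHA256 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08 and
MD5 d41d8cd98f00b204e9800998ecf8427e. Contact: actor[at]mail(.)example(.)net
"""

if __name__ == "__main__":
    for kind, values in extract_iocs(SAMPLE_REPORT).items():
        for value in values:
            print(f"{kind:7} {value:50} defanged: {defang(value)}")
```

The hash values in the sample are the well-known digests of "test" (SHA-256) and of the empty string (MD5), so they are not indicators of anything; the point is that a 64-character digest is not also reported as an MD5, because the word-boundary anchors prevent a match inside a longer hex run.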
Viralmaniar/DDWPasteRecon
DDWPasteRecon will help you identify code leaks, sensitive files, plaintext passwords and password hashes. It also allows members of SOC and Blue Teams to gain situational awareness of the organisation's exposure on paste sites. It utilises Google's indexing of paste sites to gain targeted intelligence on the organisation. Blue and SOC teams can collect and analyse data from these indexed paste sites to better protect against unknown threats.
TheHive-Project/DigitalShadows2TH
DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
rodanmaharjan/ThreatIntelligence
Malicious IP source.
fox-it/operation-wocao
Operation Wocao - Indicators of Compromise
jakewarren/suricata-rule-generator
Quickly generate suricata rules for IOCs
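One way to turn a set of indicators into Suricata rules, as an added example that is not the code of jakewarren/suricata-rule-generator: the rule templates, the local sid range starting at 1000000 and the sample indicators are assumptions. It uses Suricata 5+ keywords (the dns.query, http.host, http.uri and tls.sni sticky buffers and endswith) and, for an https URL, matches only the TLS SNI, because the path is not visible on the wire.

```python
"""Generate Suricata rules from a set of IOCs.

Added example, not the code of jakewarren/suricata-rule-generator. Rule
templates, the sid range and the sample indicators are assumptions; the
keywords used (dns.query, http.host, http.uri, tls.sni, endswith) need
Suricata 5 or newer.
"""
from urllib.parse import urlsplit

LOCAL_SID_BASE = 1_000_000  # assumed: a local range not used by your rule feeds


def escape_content(value):
    """Escape the characters that break a Suricata content:/msg: string."""
    value = value.replace("\\", "\\\\").replace('"', '\\"').replace(";", "\\;")
    return value.replace("|", "|7C|")  # '|' delimits hex bytes, so write it as hex


def rule_for(kind, ioc, sid):
    """Return one rule line for an indicator of type domain, ipv4 or url."""
    tail = f"classtype:trojan-activity; sid:{sid}; rev:1;)"
    msg = f'msg:"IOC {kind} {escape_content(ioc)}";'
    if kind == "domain":
        # dns.query is the queried name; endswith also catches subdomains.
        # Caveat: "notevil.example" ends with "evil.example" too; prefix a
        # "." and add a second exact-match rule if that false hit matters.
        return (f"alert dns any any -> any any ({msg} dns.query; "
                f'content:"{escape_content(ioc)}"; nocase; endswith; {tail}')
    if kind == "ipv4":
        # Any IP traffic in either direction, whatever the protocol.
        return f"alert ip $HOME_NET any <> {ioc} any ({msg} {tail}"
    if kind == "url":
        parts = urlsplit(ioc)
        host = escape_content(parts.hostname or "")
        if parts.scheme == "https":
            # The path is encrypted; only the SNI is observable on the wire.
            return (f"alert tls $HOME_NET any -> $EXTERNAL_NET any ({msg} tls.sni; "
                    f'content:"{host}"; nocase; endswith; {tail}')
        uri = parts.path or "/"
        if parts.query:
            uri += "?" + parts.query
        return (f"alert http $HOME_NET any -> $EXTERNAL_NET any ({msg} http.host; "
                f'content:"{host}"; nocase; http.uri; content:"{escape_content(uri)}"; {tail}')
    raise ValueError(f"unsupported IOC type: {kind}")


def generate_rules(iocs, sid_base=LOCAL_SID_BASE):
    """iocs: {"domain": [...], "ipv4": [...], "url": [...]} -> rule lines with unique sids."""
    rules, sid = [], sid_base
    for kind in ("domain", "ipv4", "url"):
        for ioc in sorted(iocs.get(kind, [])):
            rules.append(rule_for(kind, ioc, sid))
            sid += 1
    return rules


SAMPLE_IOCS = {  # constructed indicators, not taken from any real report
    "domain": ["cdn-update.example.com"],
    "ipv4": ["198.51.100.23"],
    "url": ["http://cdn-update.example.com/dl/stage2.bin",
            "https://cdn-update.example.com/c2/beacon"],
}

if __name__ == "__main__":
    print("\n".join(generate_rules(SAMPLE_IOCS)))
```

Write the output to a file under your rule directory and validate it with `suricata -T -S that-file.rules` before loading it; keep the sid base fixed per feed so re-generation bumps rev rather than colliding with other local rules.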
cyb3rmik3/Hunting-Lists
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
censys-workshop/threatfox-censys
Threatfox Censys is a tool that queries Censys Search for IP addresses and domains, then parses the JSON and submits the results to ThreatFox.
fox-it/citrix-netscaler-triage
Dissect triage script for Citrix NetScaler devices
stratosphereips/ip_enrich
Enrich IP addresses with metadata and threat intelligence indicators.
cmatthewbrooks/pyiocutils
A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
kg68k/puni
Punigrammers' Manual (a pun on "programmers' manual")
dfirsec/pie
Quick method to extract Indicators of Compromise (IOCs) from a Threat Intel Report in PDF format.
martinkubecka/C2Detective
Application for detecting command and control (C2) communication through network traffic analysis.