iocs

There are 59 repositories under iocs topic.

TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Language:Scala3.3k 168 2.4k603
teler-sh/teler
Real-time HTTP Intrusion Detection
Language:Go3k 51 69247
TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
Language:Scala1.3k 58 439215
curated-intel/Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
Language:YARA910 76 692
advanced-threat-research/Yara-Rules
Repository of YARA rules made by Trellix ATR Team
Language:YARA542 52 1081
drb-ra/C2IntelFeeds
Automatically created C2 Feeds
Language:REXX454 30 1542
TheHive-Project/TheHiveDocs
Documentation of TheHive
391 48 156284
mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
Language:HTML359 7 840
InQuest/omnibus
The OSINT Omnibus (beta release)
Language:Python312 25 2869
NewBee119/Ti_Collector
本项目致力于收集网上公开来源的威胁情报，主要关注信誉类威胁情报（如IP/域名等），以及事件类威胁情报。
Language:Python308 15 099
MalwareSamples/Malware-Feed
Bringing you the best of the worst files on the Internet.
Language:Shell282 20 045
mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
Language:PowerShell231 8 230
assafmo/xioc
Extract indicators of compromise from text, including "escaped" ones.
Language:Go161 10 813
fhightower/ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Language:Python151 8 19038
go-outside-labs/sec-pentesting-toolkit
👾 𝘁𝗼𝗼𝗹𝘀 𝗳𝗼𝗿 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗿𝗲𝘀𝗲𝗮𝗿𝗰𝗵𝗲𝗿𝘀: 𝗽𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴, 𝗖𝗧𝗙𝘀 & 𝘄𝗮𝗿𝗴𝗮𝗺𝗲𝘀
Language:C138 4 2816
fox-it/cobaltstrike-extraneous-space
Historical list of {Cobalt Strike,NanoHTTPD} servers
124 13 046
fox-it/cobaltstrike-beacon-data
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
Language:Jupyter Notebook117 11 027
cert-lv/exchange_webshell_detection
Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
Language:PowerShell97 14 721
lion-gu/ioc-explorer
Explore Indicators of Compromise Automatically
Language:Python94 6 125
blackberry/threat-research-and-intelligence
BlackBerry Threat Research & Intelligence
Language:Jupyter Notebook89 13 114
Neo23x0/Loki2
LOKI2 - Simple IOC and YARA Scanner
Language:Rust73 5 08
threatlabz/iocs
This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
Language:YARA60 8 011
ioc-fang/ioc-fanger
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
Language:Python52 4 6711
Viralmaniar/DDWPasteRecon
DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's web exposure on the pastesites. It Utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats.
Language:C#37 4 011
TheHive-Project/DigitalShadows2TH
DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
Language:Python33 6 510
rodanmaharjan/ThreatIntelligence
Malicious IP source.
Language:Python32 4 16
fox-it/operation-wocao
Operation Wocao - Indicators of Compromise
Language:YARA30 8 07
jakewarren/suricata-rule-generator
Quickly generate suricata rules for IOCs
Language:Go28 4 08
cyb3rmik3/Hunting-Lists
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
27 3 04
censys-workshop/threatfox-censys
Threatfox Censys is a tool to query Censys Search for IP addresses and domains and then parses the JSON and submits the results to Threatfox.
Language:Python24 1 02
fox-it/citrix-netscaler-triage
Dissect triage script for Citrix NetScaler devices
Language:Python20 8 56
stratosphereips/ip_enrich
Enrich IP addresses with metadata and threat intelligence indicators.
Language:Python19 5 24
cmatthewbrooks/pyiocutils
A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
Language:Python17 3 01
kg68k/puni
ぷにぐらま～ずまにゅある
11 0 11
dfirsec/pie
Quick method to extract Indicators of Compromise (IOCs) from a Threat Intel Report in PDF format.
Language:Python10 2 00
martinkubecka/C2Detective
:mag: Application for detecting command and control (C2) communication through network traffic analysis.
Language:Python8 1 02

iocs

TheHive-Project/TheHive

teler-sh/teler

TheHive-Project/Cortex

curated-intel/Ukraine-Cyber-Operations

advanced-threat-research/Yara-Rules

drb-ra/C2IntelFeeds

TheHive-Project/TheHiveDocs

mthcht/ThreatHunting-Keywords

InQuest/omnibus

NewBee119/Ti_Collector

MalwareSamples/Malware-Feed

mthcht/awesome-lists

assafmo/xioc

fhightower/ioc-finder

go-outside-labs/sec-pentesting-toolkit

fox-it/cobaltstrike-extraneous-space

fox-it/cobaltstrike-beacon-data

cert-lv/exchange_webshell_detection

lion-gu/ioc-explorer

blackberry/threat-research-and-intelligence

Neo23x0/Loki2

threatlabz/iocs

ioc-fang/ioc-fanger

Viralmaniar/DDWPasteRecon

TheHive-Project/DigitalShadows2TH

rodanmaharjan/ThreatIntelligence

fox-it/operation-wocao

jakewarren/suricata-rule-generator

cyb3rmik3/Hunting-Lists

censys-workshop/threatfox-censys

fox-it/citrix-netscaler-triage

stratosphereips/ip_enrich

cmatthewbrooks/pyiocutils

kg68k/puni

dfirsec/pie

martinkubecka/C2Detective