iocs
There are 65 repositories under the iocs topic.
TheHive-Project/TheHive
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
teler-sh/teler
Real-time HTTP Intrusion Detection
TheHive-Project/Cortex
Cortex: a Powerful Observable Analysis and Active Response Engine
curated-intel/Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
mthcht/awesome-lists
Awesome Security lists for SOC/CERT/CTI
advanced-threat-research/Yara-Rules
Repository of YARA rules made by Trellix ATR Team
drb-ra/C2IntelFeeds
Automatically created C2 Feeds
mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
TheHive-Project/TheHiveDocs
Documentation of TheHive
InQuest/omnibus
The OSINT Omnibus (beta release)
NewBee119/Ti_Collector
This project is dedicated to collecting threat intelligence from publicly available online sources, focusing mainly on reputation-type threat intelligence (such as IP addresses and domains) and event-type threat intelligence.
MalwareSamples/Malware-Feed
Bringing you the best of the worst files on the Internet.
autistic-symposium/sec-pentesting-toolkit
👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.
assafmo/xioc
Extract indicators of compromise from text, including "escaped" ones.
fhightower/ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
fox-it/cobaltstrike-beacon-data
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
fox-it/cobaltstrike-extraneous-space
Historical list of {Cobalt Strike,NanoHTTPD} servers
cert-lv/exchange_webshell_detection
Detect webshells dropped on Microsoft Exchange servers exploited through the "ProxyLogon" group of vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
lion-gu/ioc-explorer
Explore Indicators of Compromise Automatically
blackberry/threat-research-and-intelligence
BlackBerry Threat Research & Intelligence
Neo23x0/Loki2
LOKI2 - Simple IOC and YARA Scanner
ThreatLabz/iocs
This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
ioc-fang/ioc-fanger
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space
rodanmaharjan/ThreatIntelligence
Malicious IP source.
Viralmaniar/DDWPasteRecon
The DDWPasteRecon tool will help you identify code leaks, sensitive files, plaintext passwords and password hashes. It also allows members of SOC and Blue Teams to gain situational awareness of the organisation's web exposure on paste sites. It utilises Google's indexing of paste sites to gain targeted intelligence about the organisation. Blue and SOC teams can collect and analyse data from these indexed paste sites to better protect against unknown threats.
TheHive-Project/DigitalShadows2TH
DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform
cyb3rmik3/Hunting-Lists
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
censys-workshop/threatfox-censys
Threatfox Censys is a tool that queries Censys Search for IP addresses and domains, parses the JSON results and submits them to ThreatFox.
fox-it/operation-wocao
Operation Wocao - Indicators of Compromise
jakewarren/suricata-rule-generator
Quickly generate suricata rules for IOCs
fox-it/citrix-netscaler-triage
Dissect triage script for Citrix NetScaler devices
stratosphereips/ip_enrich
Enrich IP addresses with metadata and threat intelligence indicators.
cmatthewbrooks/pyiocutils
A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).
dfirsec/pie
Quick method to extract Indicators of Compromise (IOCs) from a Threat Intel Report in PDF format.
martinkubecka/C2Detective
:mag: Application for detecting command and control (C2) communication through network traffic analysis.
KasperskyLab/threat-intelligence
A repository dedicated to deliver a comprehensive set of tools for integration and convenient use of Kaspersky Threat Intelligence services