Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: indicators-of-compromise
databricks-industry-solutions/ioc-matching
IOC matching for incident responders, threat hunters, detection engineers, and security engineers.
Language: Python - Size: 144 KB - Last synced: 6 days ago - Pushed: 7 days ago - Stars: 10 - Forks: 5
PaloAltoNetworks/Unit42-timely-threat-intel
A collection of files with indicators supporting social media posts from Palo Alto Networks' Unit 42 team to disseminate timely threat intelligence.
Size: 760 KB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 124 - Forks: 5
InQuest/ThreatIngestor
Extract and aggregate threat intelligence.
Language: Python - Size: 1.65 MB - Last synced: 12 days ago - Pushed: 4 months ago - Stars: 790 - Forks: 132
reversinglabs/reversinglabs-yara-rules
ReversingLabs YARA Rules
Language: YARA - Size: 504 KB - Last synced: 12 days ago - Pushed: 13 days ago - Stars: 703 - Forks: 102
ninoseki/ioc-extractor
An npm package for extracting common IoC (Indicator of Compromise) from a block of text
Language: TypeScript - Size: 2.17 MB - Last synced: 13 days ago - Pushed: 17 days ago - Stars: 51 - Forks: 12
AlexLinov/IOC-Generator
IOC Generator for Microsoft Defender for Endpoints
Language: Python - Size: 4.88 KB - Last synced: 21 days ago - Pushed: 21 days ago - Stars: 0 - Forks: 0
InQuest/iocextract
Defanged Indicator of Compromise (IOC) Extractor.
Language: Python - Size: 825 KB - Last synced: about 2 months ago - Pushed: 6 months ago - Stars: 485 - Forks: 88
emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
Language: Python - Size: 4.54 MB - Last synced: about 2 months ago - Pushed: over 1 year ago - Stars: 1,038 - Forks: 168
elliotwutingfeng/rstthreatsall
This repository consolidates all unique IOCs ever released at rstthreats. Updated at least once a day.
Language: Python - Size: 587 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 5 - Forks: 2
rstcloud/rstthreats
Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.
Language: HTML - Size: 2.95 GB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 32 - Forks: 8
drb-ra/C2IntelFeeds
Automatically created C2 Feeds
Language: REXX - Size: 2.77 GB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 432 - Forks: 41
fhightower/ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Language: Python - Size: 1.35 MB - Last synced: 14 days ago - Pushed: 7 months ago - Stars: 151 - Forks: 38
vuldb/cyber_threat_intelligence
Cyber Threat Intelligence Data, Indicators, and Analysis
Size: 58 MB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 64 - Forks: 14
sreeves0/IoCs
This repository will contain all the IoCs for the SecOps team to use in Microsoft Sentinel.
Size: 6.84 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 1 - Forks: 0
UncleSocks/win-netstat-ioc-address-checker 📦
A basic IP address IOC checker for Windows using Netstat and Wordlists, written in Python3.
Language: Python - Size: 95.7 KB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 1 - Forks: 0
Lupovis/Prowl-API
Prowl is an API that allows you to send IP and in return obtain the reputation of the IP as well as indicators of attacks and indicators of compromise associated with the address. Lupovis monitors the web in real time and identifies malicious IP addresses for you.
Language: JavaScript - Size: 81.1 KB - Last synced: 2 months ago - Pushed: over 1 year ago - Stars: 7 - Forks: 0
edoardottt/defango
URL / IP / Email defanging with Golang. Make IoC harmless.
Language: Go - Size: 24.4 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 9 - Forks: 0
gbikram/CTI-Automation-Platform
An automated Cyber Threat Intelligence (CTI) apparatus, implemented via a suite of Free & Open-source Software (FOSS)
Language: Python - Size: 94 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
cyb3rmik3/Hunting-Lists
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
Size: 39.1 KB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 25 - Forks: 2
swisscom/detections 📦
Threat intelligence and threat detection indicators (IOC, IOA)
Language: YARA - Size: 1.47 MB - Last synced: 3 months ago - Pushed: over 3 years ago - Stars: 51 - Forks: 11
hm-seclab/YAFRA
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Language: Python - Size: 1.26 MB - Last synced: about 2 months ago - Pushed: over 2 years ago - Stars: 26 - Forks: 4
cfalta/ioctool
Rex-ing indicators out of unstructured text (like an e-mail)
Language: PowerShell - Size: 1000 Bytes - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 0 - Forks: 0
Geekmaster-General/IOCs
Storage for the IOCs I collect
Size: 4.43 MB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 5 - Forks: 0
atakanaydinbas/gofangdefang
GoFangDefang is a Go library for secure manipulation of Indicators of Compromise (IOCs), converting them between their original "fang" format (with special characters) and a safer "defang" format. It prevents accidental execution of potentially malicious IOCs like URLs, IPs, domains, or subdomains.
Language: Go - Size: 26.4 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 8 - Forks: 1
wesinator/indicator-deprecation-calculator
Web app to calculate "indicators of compromise" confidence deprecation timelines (used with threat intel platforms such as ThreatConnect).
Language: HTML - Size: 6.84 KB - Last synced: about 1 month ago - Pushed: almost 4 years ago - Stars: 1 - Forks: 1
alphaSeclab/malware-ioc-hash
Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.
Language: Python - Size: 5.63 MB - Last synced: about 1 month ago - Pushed: over 3 years ago - Stars: 16 - Forks: 4
Deilis/IOC-validator-deivscan
IOC validation with Python
Language: Python - Size: 58.6 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0
assafmo/xioc
Extract indicators of compromise from text, including "escaped" ones.
Language: Go - Size: 64.5 KB - Last synced: about 2 months ago - Pushed: about 4 years ago - Stars: 162 - Forks: 13
ioc-fang/ioc-fanger
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space
Language: Python - Size: 764 KB - Last synced: about 1 month ago - Pushed: 8 months ago - Stars: 52 - Forks: 11
azazelm3dj3d/vsioc
VSIOC is a real-time Visual Studio Code extension for extracting IOCs from the active open editor
Language: TypeScript - Size: 1.14 MB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 0 - Forks: 0
fox-it/cobaltstrike-beacon-data
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
Language: Jupyter Notebook - Size: 158 MB - Last synced: 7 months ago - Pushed: about 2 years ago - Stars: 113 - Forks: 25
halilozturkci/APT38-Lazarus-Threat-Analysis-Report-from-ADEO
ADEO APT38 Lazarus Threat Analysis Report
Size: 2.61 MB - Last synced: 8 months ago - Pushed: about 4 years ago - Stars: 3 - Forks: 1
levlesec/cellebrite-ioc
An IOC collection for the Cellebrite UFED forensic toolkit.
Size: 21.5 KB - Last synced: 8 months ago - Pushed: over 3 years ago - Stars: 13 - Forks: 4
IRB0T/IOC
Our objective is to update the indicators-of-compromise based on published reports for Zero-Day Vulnerability and Ransomware groups
Size: 93.8 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 2 - Forks: 0
401trg/detections
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.
Language: Python - Size: 4.37 MB - Last synced: 7 months ago - Pushed: about 3 years ago - Stars: 120 - Forks: 19
jefnilham/IOC-Extractor
Chrome extension that extracts possible IOCs from online reports.
Language: JavaScript - Size: 38.1 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0
Lyc4on/EvtXHunt
EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
Language: Python - Size: 191 MB - Last synced: 9 months ago - Pushed: over 2 years ago - Stars: 14 - Forks: 1
IronNetCybersecurity/IronNetTR
Threat research and reporting from IronNet's Threat Research Teams
Language: Jupyter Notebook - Size: 73.1 MB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 41 - Forks: 5
rs-develop/ForIocCrawler
A forensic ioc crawler and parser.
Language: Python - Size: 114 KB - Last synced: 2 days ago - Pushed: over 1 year ago - Stars: 5 - Forks: 2
Xorlent/Falcon-IOC
Crowdstrike Falcon® custom IOC management tool
Size: 26.4 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
martinkubecka/C2Detective
Application for detecting command and control (C2) communication through network traffic analysis.
Language: Python - Size: 694 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 2 - Forks: 0
HappyStoic/iris
Iris - P2P System for Confidential Sharing of Threat Intelligence and Collaborative Defense for Slips
Language: Go - Size: 1.28 MB - Last synced: 2 months ago - Pushed: 2 months ago - Stars: 8 - Forks: 1
gnxsecurity/gnx-threat-intelligence
A commercial-grade threat intelligence feed that's validated and updated every half hour.
Language: SuperCollider - Size: 627 MB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 19 - Forks: 3
securechicken/tinypeg
Provides Amnesty International's "Pegasus" domain IOCs transformation to a TinyCheck source format
Language: Shell - Size: 30.3 KB - Last synced: 12 months ago - Pushed: almost 3 years ago - Stars: 5 - Forks: 0
wizardy0ga/Pyramid-Of-Pain
An overview of the Pyramid of Pain, a pyramid model that represents a scaling level of impact to threat actor operations when an indicator is successfully responded to at its assigned level.
Size: 19.5 KB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 0 - Forks: 0
martinkubecka/mailo
Process EML and MSG file types and extract various Indicators of Compromise.
Language: Python - Size: 39.1 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
subhayuroy/ComputationalForensics
🚨Computational Forensics is an emerging research🔎 domain. It deals with 🕵️‍♀️solving forensic problems🚔 using digital methods👨‍💻. It uses computational science to study digital evidence.
Language: Python - Size: 422 KB - Last synced: about 1 year ago - Pushed: over 2 years ago - Stars: 2 - Forks: 2
ninoseki/fanger
An npm package to defang and refang IoC
Language: TypeScript - Size: 1.31 MB - Last synced: 24 days ago - Pushed: about 1 year ago - Stars: 10 - Forks: 3
cyberpasta/loki-scan-manager
Manage loki scans over a large network.
Language: PowerShell - Size: 104 KB - Last synced: over 1 year ago - Pushed: over 3 years ago - Stars: 3 - Forks: 0
hrbrmstr/extractor
⛏macOS app to extract IoCs from PDFs, text files, HTML, URLs, and the pasteboard
Language: Swift - Size: 1.09 MB - Last synced: about 1 year ago - Pushed: about 3 years ago - Stars: 6 - Forks: 1
wickywanka/IOC-Scraping
Language: Python - Size: 29.3 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 0 - Forks: 0
silascutler/IntelDB
Minimal Indicator Storage System
Language: Python - Size: 177 KB - Last synced: about 1 year ago - Pushed: over 3 years ago - Stars: 11 - Forks: 2
OllieJC/no-direct-ip
Browser extension to block directly entered, external or public IP v4 and v6 addresses
Language: JavaScript - Size: 1.58 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 1 - Forks: 0
codexlynx/iocs
Threat Intelligence & Indicators of Compromise repository.
Language: YARA - Size: 7.81 KB - Last synced: over 1 year ago - Pushed: about 2 years ago - Stars: 0 - Forks: 0
tcbutler320/CVE-2021-3441-check
CVE-2021-3441 CVE Check is a Python script to search targets for indicators of compromise related to CVE-2021-3441.
Language: Python - Size: 15.2 MB - Last synced: about 1 year ago - Pushed: almost 3 years ago - Stars: 2 - Forks: 0