There are 12 repositories under the indicators-of-compromise topic.
ThePhish: an automated phishing email analysis tool
Extract and aggregate threat intelligence.
ReversingLabs YARA Rules
Automatically created C2 Feeds
Defanged Indicator of Compromise (IOC) Extractor.
A collection of files with indicators supporting social media posts from Palo Alto Networks' Unit 42 team to disseminate timely threat intelligence.
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Cyber Threat Intelligence Data, Indicators, and Analysis
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space.
An npm package for extracting common IoC (Indicator of Compromise) from a block of text
Threat intelligence and threat detection indicators (IOC, IOA)
Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.
A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.
A commercial-grade threat intelligence feed that's validated and updated every half hour.
A collection of Covid-19 related threat intelligence and resources.
An IOC collection for the Cellebrite UFED forensic toolkit.
Collection of malware IOC hashes from blog posts. A Python script is provided to search through it.
IOC matching for incident responders, threat hunters, detection engineers, and security engineers.
URL / IP / Email defanging with Golang. Make IoC harmless.
Minimal Indicator Storage System
Iris - P2P System for Confidential Sharing of Threat Intelligence and Collaborative Defense for Slips
Application for detecting command and control (C2) communication through network traffic analysis.
GoFangDefang is a Go library for secure manipulation of Indicators of Compromise (IOCs), converting them between their original "fang" format (with special characters) and a safer "defang" format. It prevents accidental execution of potentially malicious IOCs like URLs, IPs, domains, or subdomains.
Storage for the IOCs I collect
This repository consolidates all unique IOCs ever released at rstthreats. Updated at least once a day.
IOCs and notes related to malware
Provides Amnesty International's "Pegasus" domain IOCs transformation to a TinyCheck source format
Relieving the manual task of checking the IP reputation