Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
☆103Mar 21, 2026Updated this week
Alternatives and similar repositories for ThreatKB
Users that are interested in ThreatKB are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Defanged Indicator of Compromise (IOC) Extractor.☆571Aug 28, 2024Updated last year
- Extract and aggregate threat intelligence.☆907Jan 31, 2024Updated 2 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆388May 11, 2022Updated 3 years ago
- Resources, articles, thoughts, datasets, papers on TI tradecraft☆11Aug 24, 2018Updated 7 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Mar 26, 2016Updated 9 years ago
- Yara rules for detecting malware☆23Sep 9, 2025Updated 6 months ago
- ☆23Jul 7, 2023Updated 2 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Minimal, consistent Python API for building integrations with malware sandboxes.☆142Jan 31, 2024Updated 2 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆44Jun 7, 2017Updated 8 years ago
- Indicator Extractor☆141Jul 14, 2018Updated 7 years ago
- Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.☆19Sep 10, 2020Updated 5 years ago
- Performs OCR on image files and scans them for matches to YARA rules☆42Oct 30, 2018Updated 7 years ago
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆38May 28, 2025Updated 9 months ago
- Automatic YARA rule generation for Malpedia☆168Sep 8, 2022Updated 3 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆83Aug 4, 2021Updated 4 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆556May 9, 2023Updated 2 years ago
- Indicators of Compromises (IOC) of our various investigations☆1,934Updated this week
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media.☆47Feb 27, 2026Updated 3 weeks ago
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Sep 9, 2020Updated 5 years ago
- Machinae Security Intelligence Collector☆540May 15, 2024Updated last year
- This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommen…☆52Sep 14, 2025Updated 6 months ago
- A Pythonic interface and command line tool for interacting with the InQuest Labs API.☆36Nov 18, 2025Updated 4 months ago
- Parse YARA rules and operate over them more easily.☆195Feb 6, 2025Updated last year
- Splunk csv to KVStore ES Threat Intel☆11Jul 11, 2016Updated 9 years ago
- A curated list of awesome YARA rules, tools, and people.☆4,163Mar 16, 2026Updated last week
- YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (…☆26Oct 20, 2022Updated 3 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- Your Everyday Threat Intelligence☆1,959Mar 16, 2026Updated last week
- Explore Indicators of Compromise Automatically☆97Feb 27, 2020Updated 6 years ago
- APTnotes data☆1,777Dec 16, 2024Updated last year
- A collection of infosec related scripts and information.☆54Oct 2, 2024Updated last year
- please use https://github.com/fireeye/vivisect instead☆16Oct 21, 2025Updated 5 months ago
- Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies☆107Mar 4, 2021Updated 5 years ago
- Extract indicators of compromise from text, including "escaped" ones.☆163Apr 19, 2020Updated 5 years ago
- A desktop App to add STIX-2 objects to TAXII-2.0 servers☆11Mar 13, 2019Updated 7 years ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆462Aug 14, 2025Updated 7 months ago
- IOC Management and Visualization Tool☆48Dec 8, 2022Updated 3 years ago