Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
☆103Mar 21, 2026Updated 2 months ago
Alternatives and similar repositories for ThreatKB
Users that are interested in ThreatKB are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Extract and aggregate threat intelligence.☆917May 26, 2026Updated 2 weeks ago
- Defanged Indicator of Compromise (IOC) Extractor.☆580Aug 28, 2024Updated last year
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆390May 11, 2022Updated 4 years ago
- Resources, articles, thoughts, datasets, papers on TI tradecraft☆10Aug 24, 2018Updated 7 years ago
- Work Fast With the pattern matching swiss knife for malware researchers.☆38Mar 26, 2016Updated 10 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Yara rules for detecting malware☆23Sep 9, 2025Updated 9 months ago
- ☆24Jul 7, 2023Updated 2 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Minimal, consistent Python API for building integrations with malware sandboxes.☆143Jan 31, 2024Updated 2 years ago
- Scripts to detect Fast-Flux and DGA using DNS query responses☆44Jun 7, 2017Updated 9 years ago
- Indicator Extractor☆141Jul 14, 2018Updated 7 years ago
- Collection of malware ioc hashes from blog posts. A Python script is provided to search through it.☆19Sep 10, 2020Updated 5 years ago
- Performs OCR on image files and scans them for matches to YARA rules☆42Oct 30, 2018Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…☆38May 28, 2025Updated last year
- Automatic YARA rule generation for Malpedia☆167Sep 8, 2022Updated 3 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆83Aug 4, 2021Updated 4 years ago
- The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs).☆557May 9, 2023Updated 3 years ago
- Indicators of Compromises (IOC) of our various investigations☆1,956May 20, 2026Updated 3 weeks ago
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media.☆49Updated this week
- The "DFUR" Splunk application and data that was presented at the 2020 SANS DFIR Summit.☆13Sep 9, 2020Updated 5 years ago
- Machinae Security Intelligence Collector☆538Jun 3, 2026Updated last week
- This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommen…☆52May 24, 2026Updated 2 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Pythonic interface and command line tool for interacting with the InQuest Labs API.☆36Nov 18, 2025Updated 6 months ago
- Parse YARA rules and operate over them more easily.��☆195Feb 6, 2025Updated last year
- Splunk csv to KVStore ES Threat Intel☆11Jul 11, 2016Updated 9 years ago
- A Compiler from Sigma rules to VQL☆19May 18, 2026Updated 3 weeks ago
- A curated list of awesome YARA rules, tools, and people.☆4,212May 26, 2026Updated 2 weeks ago
- YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (…☆26Oct 20, 2022Updated 3 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Sep 18, 2018Updated 7 years ago
- Your Everyday Threat Intelligence☆1,997May 15, 2026Updated 3 weeks ago
- Explore Indicators of Compromise Automatically☆97Feb 27, 2020Updated 6 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A collection of infosec related scripts and information.☆54Oct 2, 2024Updated last year
- APTnotes data☆1,791Dec 16, 2024Updated last year
- please use https://github.com/fireeye/vivisect instead☆16Oct 21, 2025Updated 7 months ago
- Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies☆108Mar 4, 2021Updated 5 years ago
- Extract indicators of compromise from text, including "escaped" ones.☆163Apr 19, 2020Updated 6 years ago
- A desktop App to add STIX-2 objects to TAXII-2.0 servers☆11Mar 13, 2019Updated 7 years ago
- Artifact analysis tools by JPCERT/CC Analysis Center☆464Aug 14, 2025Updated 9 months ago