Indicators of compromise from analysis and research by the Nextron Threat Research team
☆12 · Sep 17, 2025 · Updated 5 months ago
Alternatives and similar repositories for iocs
Users that are interested in iocs are comparing it to the libraries listed below
- SQL, IIS, Oh My... ☆22 · Feb 24, 2025 · Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆66 · Aug 10, 2022 · Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆82 · Jun 28, 2023 · Updated 2 years ago
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media. ☆47 · Feb 8, 2026 · Updated 3 weeks ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 · Dec 17, 2025 · Updated 2 months ago
- ☆17 · Oct 13, 2025 · Updated 4 months ago
- ☆22 · Dec 22, 2020 · Updated 5 years ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆58 · Mar 2, 2025 · Updated 11 months ago
- Repository to handle issues with our free EDR agent Aurora Lite ☆28 · Nov 9, 2023 · Updated 2 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log ☆31 · Aug 6, 2022 · Updated 3 years ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files ☆31 · Jun 15, 2022 · Updated 3 years ago
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw… ☆32 · May 11, 2024 · Updated last year
- ☆33 · Feb 26, 2022 · Updated 4 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations. ☆37 · Sep 19, 2017 · Updated 8 years ago
- A Moodle Scanner ☆43 · Nov 16, 2024 · Updated last year
- An open-source sigma conversion tool built using pysigma ☆160 · Feb 9, 2026 · Updated 2 weeks ago
- HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic… ☆86 · Jun 27, 2024 · Updated last year
- A pySigma wrapper to manage detection rules. ☆45 · Feb 17, 2026 · Updated last week
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆92 · Nov 3, 2025 · Updated 3 months ago
- pySigma Splunk backend ☆41 · Feb 19, 2026 · Updated last week
- The Sigma command line interface based on pySigma ☆177 · Feb 5, 2026 · Updated 3 weeks ago
- HashKitty is a user-friendly cross-platform Python wrapper for Hashcat designed to provide an easy password cracking experience for both … ☆42 · Jul 18, 2024 · Updated last year
- ☆11 · Apr 25, 2021 · Updated 4 years ago
- ☆14 · Feb 12, 2025 · Updated last year
- ☆44 · Jul 11, 2025 · Updated 7 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆43 · Jul 18, 2022 · Updated 3 years ago
- Imphash-like calculation on Golang binaries ☆49 · Jul 2, 2022 · Updated 3 years ago
- ☆11 · May 2, 2022 · Updated 3 years ago
- ☆12 · Aug 18, 2020 · Updated 5 years ago
- ☆12 · Feb 24, 2023 · Updated 3 years ago
- Scans the filesystem for directories that are user-writeable ☆13 · Jun 21, 2021 · Updated 4 years ago
- CQL Hub is an open repository of detection and hunting queries for CrowdStrike NextGen SIEM and Falcon LogScale. All queries stored here … ☆37 · Updated this week
- Shell wrapper with keylogger (local log or syslog) ☆13 · Nov 1, 2017 · Updated 8 years ago
- Provides a multi-platform Graphical User Interface for hashlookup ☆12 · Jul 12, 2024 · Updated last year
- Implementation of Silvio Cesare text infection technique ☆10 · Jan 5, 2018 · Updated 8 years ago
- ☆10 · Dec 24, 2022 · Updated 3 years ago
- multiduplicut: optimize wordlists-based password cracking methods chaining ☆16 · Feb 25, 2022 · Updated 4 years ago
- A more advanced free and open .NET obfuscator using dnlib. ☆10 · Oct 4, 2022 · Updated 3 years ago
- QubesOS dom0 automation in Python ☆12 · Aug 3, 2017 · Updated 8 years ago