Indicators of compromise from analysis and research by the Nextron Threat Research team
☆12 · Jun 2, 2026 · Updated 3 weeks ago
Alternatives and similar repositories for iocs
Users that are interested in iocs are comparing it to the libraries listed below.
- SQL, IIS, Oh My... ☆22 · Feb 24, 2025 · Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆66 · Jun 18, 2026 · Updated last week
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆83 · Jun 28, 2023 · Updated 3 years ago
- (no description) ☆33 · Feb 26, 2022 · Updated 4 years ago
- (no description) ☆22 · Dec 22, 2020 · Updated 5 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆92 · Mar 11, 2026 · Updated 3 months ago
- Repository to handle issues with our free EDR agent Aurora Lite ☆28 · Nov 9, 2023 · Updated 2 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations. ☆37 · Sep 19, 2017 · Updated 8 years ago
- This repository contains supplemental items, including IOCs and signatures discussed in Huntress blog posts and other media. ☆49 · Jun 11, 2026 · Updated 2 weeks ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆60 · Mar 2, 2025 · Updated last year
- (no description) ☆18 · Oct 13, 2025 · Updated 8 months ago
- This is a repo for fetching the AppLocker event log by parsing the Windows event log ☆29 · Aug 6, 2022 · Updated 3 years ago
- A tiny program to consume events from ETW providers for research ☆55 · Jan 4, 2025 · Updated last year
- Read ETW provider events. Inspired by ETWExplorer by Pavel Yosifovich ☆21 · Jun 29, 2024 · Updated 2 years ago
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw… ☆32 · May 11, 2024 · Updated 2 years ago
- A command-line tool and Python library for parsing the Windows Master File Table ($MFT) and importing the results into Elasticsearch. ☆13 · Jun 3, 2026 · Updated 3 weeks ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections ☆55 · Jan 28, 2026 · Updated 5 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆43 · Jul 18, 2022 · Updated 3 years ago
- Scans the filesystem for directories that are user-writable ☆13 · Jun 21, 2021 · Updated 5 years ago
- pySigma Splunk backend ☆43 · Mar 22, 2026 · Updated 3 months ago
- (no description) ☆15 · Sep 24, 2024 · Updated last year
- Base class for Jupyter Data Integrations ☆11 · Feb 11, 2026 · Updated 4 months ago
- (no description) ☆24 · Nov 29, 2023 · Updated 2 years ago
- A tool to start programs with admin rights. ☆17 · Nov 18, 2025 · Updated 7 months ago
- Convert Sigma rules to LogRhythm searches ☆24 · Feb 27, 2022 · Updated 4 years ago
- (no description) ☆14 · May 11, 2026 · Updated last month
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files ☆31 · Jun 15, 2022 · Updated 4 years ago
- Placeholder for my detection repo and misc detection engineering content ☆42 · Oct 20, 2023 · Updated 2 years ago
- Implementation of the Silvio Cesare text infection technique ☆10 · Jan 5, 2018 · Updated 8 years ago
- An open-source Sigma conversion tool built using pySigma ☆170 · Jun 22, 2026 · Updated last week
- The book and code repo for the FREE Fundamental C++ book by Kevin Thomas. ☆21 · Nov 26, 2025 · Updated 7 months ago
- A pySigma wrapper and LangChain toolkit for automatic rule creation/translation ☆95 · Nov 3, 2025 · Updated 7 months ago
- A pure PowerShell/.NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis. ☆14 · Oct 21, 2021 · Updated 4 years ago
- HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic… ☆90 · Jun 27, 2024 · Updated 2 years ago
- A pySigma wrapper to manage detection rules. ☆46 · Jun 3, 2026 · Updated 3 weeks ago
- Hundred Days of YARA Challenge ☆12 · Jun 21, 2022 · Updated 4 years ago
- A proof-of-concept re-assembler for reverse VNC traffic. ☆24 · May 21, 2023 · Updated 3 years ago
- Official Website of the Sigma Project ☆23 · Jun 16, 2026 · Updated 2 weeks ago
- A tool that adds reproducible UUIDs to YARA rules ☆14 · May 15, 2026 · Updated last month