Indicators of compromise from analysis and research by the Nextron Threat Research team
☆12 · Jun 2, 2026 · Updated last week
Alternatives and similar repositories for iocs
Users that are interested in iocs are comparing it to the repositories listed below.
- SQL, IIS, Oh My... ☆21 · Feb 24, 2025 · Updated last year
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆66 · Aug 10, 2022 · Updated 3 years ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆82 · Jun 28, 2023 · Updated 2 years ago
- ☆33 · Feb 26, 2022 · Updated 4 years ago
- ☆22 · Dec 22, 2020 · Updated 5 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆91 · Mar 11, 2026 · Updated 2 months ago
- Repository to handle issues with our free EDR agent Aurora Lite ☆28 · Nov 9, 2023 · Updated 2 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations. ☆37 · Sep 19, 2017 · Updated 8 years ago
- This repository contains supplemental items including IOCs and signatures discussed in Huntress blog posts and other media. ☆49 · Updated this week
- Sigma detection rules for hunting with the threathunting-keywords project ☆60 · Mar 2, 2025 · Updated last year
- ☆18 · Oct 13, 2025 · Updated 7 months ago
- This is a repo for fetching AppLocker event logs by parsing the Windows event log ☆29 · Aug 6, 2022 · Updated 3 years ago
- A tiny program to consume from ETW providers for research ☆55 · Jan 4, 2025 · Updated last year
- Read ETW provider events. Inspired by ETWExplorer by Pavel Yosifovich ☆19 · Jun 29, 2024 · Updated last year
- This repo contains a list of vendors that hide their security advisories, alerts, notices, vulnerabilities, and more behind either a payw… ☆32 · May 11, 2024 · Updated 2 years ago
- A command-line tool and Python library for parsing the Windows Master File Table ($MFT) and importing the results into Elasticsearch. ☆13 · Jun 3, 2026 · Updated last week
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections ☆55 · Jan 28, 2026 · Updated 4 months ago
- A repo for centralizing ongoing research on the new Windows 10/11 DFIR artifact, EventTranscript.db. ☆43 · Jul 18, 2022 · Updated 3 years ago
- Scans the filesystem for directories that are user-writeable ☆13 · Jun 21, 2021 · Updated 4 years ago
- pySigma Splunk backend ☆43 · Mar 22, 2026 · Updated 2 months ago
- ☆15 · Sep 24, 2024 · Updated last year
- Base class for Jupyter Data Integrations ☆11 · Feb 11, 2026 · Updated 3 months ago
- ☆23 · Nov 29, 2023 · Updated 2 years ago
- A tool to start programs with admin rights. ☆17 · Nov 18, 2025 · Updated 6 months ago
- Convert Sigma rules to LogRhythm searches ☆24 · Feb 27, 2022 · Updated 4 years ago
- ☆14 · May 11, 2026 · Updated 3 weeks ago
- Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files ☆31 · Jun 15, 2022 · Updated 3 years ago
- Placeholder for my detection repo and misc detection engineering content ☆42 · Oct 20, 2023 · Updated 2 years ago
- Implementation of the Silvio Cesare text infection technique ☆10 · Jan 5, 2018 · Updated 8 years ago
- An open-source Sigma conversion tool built using pySigma ☆169 · May 25, 2026 · Updated 2 weeks ago
- The book and code repo for the FREE Fundamental C++ book by Kevin Thomas. ☆21 · Nov 26, 2025 · Updated 6 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation ☆95 · Nov 3, 2025 · Updated 7 months ago
- A pure PowerShell/.NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis. ☆14 · Oct 21, 2021 · Updated 4 years ago
- HXTool is an extended user interface for the FireEye HX Endpoint product. HXTool can be installed on a dedicated server or on your physic… ☆88 · Jun 27, 2024 · Updated last year
- A pySigma wrapper to manage detection rules. ☆46 · Jun 3, 2026 · Updated last week
- Hundred Days of Yara Challenge ☆12 · Jun 21, 2022 · Updated 3 years ago
- A proof-of-concept re-assembler for reverse VNC traffic. ☆24 · May 21, 2023 · Updated 3 years ago
- Official Website Of The Sigma Project ☆22 · Jun 2, 2026 · Updated last week
- MalwareAnalysis ☆12 · Dec 19, 2020 · Updated 5 years ago