Alternatives and similar repositories for iocs

Users that are interested in iocs are comparing it to the libraries listed below

• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆155Updated 2 years ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Updated last month
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆83Updated last year
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆73Updated last year
• Koifman / LUMEN
  Your Browser-based EVTX Companion
  ☆112Updated this week
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆73Updated 5 months ago
• krdmnbrk / atomicgen.io
  A simple tool designed to create Atomic Red Team tests with ease.
  ☆49Updated 10 months ago
• bricerenaud / xdr_yara_rule_matching
  custom Python script to perform Yara matching in Cortex XDR
  ☆14Updated 4 years ago
• MHaggis / notes
  Full of public notes and Utilities
  ☆130Updated last month
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆180Updated 8 months ago
• LivingInSyn / RMML
  A list of RMMs designed to be used in automation to build alerts
  ☆117Updated 2 months ago
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆123Updated last year
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated last year
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆53Updated last year
• tsale / EDR-Telemetry-Website
  ☆74Updated last week
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆194Updated last week
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆126Updated last year
• thinkst / defending-off-the-land
  Assortment of scripts and tools for our Blackhat EU 2024 talk
  ☆104Updated last year
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆143Updated last week
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆58Updated 11 months ago
• SecurityRiskAdvisors / indexes
  Threat Simulation Indexes
  ☆39Updated last month
• redcanaryco / ansible-atomic-red-team
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆27Updated last year
• herbiezimmerman / Windows-Event-Logs-With-Event-IDs
  A running list of Windows sources and the related event ids.
  ☆19Updated 2 years ago
• svch0stz / velociraptor-detections
  ☆22Updated 3 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆70Updated this week
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆92Updated last year
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆90Updated 2 years ago
• Beercow / DFIR_Toolbar
  ☆28Updated 3 months ago
• Digital-Defense-Institute / triage.zip
  A preconfigured Velociraptor triage collector
  ☆74Updated last month
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 7 months ago