Threat Intel IoCs + bits and pieces of dark matter
☆434Feb 19, 2026Updated last week
Alternatives and similar repositories for ioc
Users that are interested in ioc are comparing it to the libraries listed below
Sorting:
- Indicators of compromise☆17Jan 29, 2026Updated last month
- Sophos-originated indicators-of-compromise from published reports☆653Jan 16, 2026Updated last month
- Automatically created C2 Feeds☆666Updated this week
- Indicators of compromise (IOCs) collected from public resources and categorized by Qi-AnXin.☆960Aug 28, 2025Updated 6 months ago
- ☆1,130Dec 19, 2023Updated 2 years ago
- Indicators from Unit 42 Public Reports☆728Aug 17, 2025Updated 6 months ago
- Signatures and IoCs from public Volexity blog posts.☆364Dec 4, 2025Updated 2 months ago
- Collection of private Yara rules.☆378Jan 28, 2026Updated last month
- Repository of YARA rules made by Trellix ATR Team☆625Mar 18, 2025Updated 11 months ago
- Hunts out CobaltStrike beacons and logs operator command output☆951Sep 4, 2024Updated last year
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 5 months ago
- Indicators of Compromises (IOC) of our various investigations☆1,917Feb 20, 2026Updated last week
- Yara Rules for Modern Malware☆78Mar 3, 2024Updated 2 years ago
- YARA signature and IOC database for my scanners and tools☆2,874Feb 5, 2026Updated 3 weeks ago
- Interesting APT Report Collection And Some Special IOCs☆2,915Feb 24, 2026Updated last week
- Welcome to the SEKOIA.IO Community repository!☆178Feb 6, 2026Updated 3 weeks ago
- IOC from articles, tweets for archives☆318Dec 12, 2023Updated 2 years ago
- ReversingLabs YARA Rules☆898Nov 3, 2025Updated 4 months ago
- Zeek-Formatted Threat Intelligence Feeds☆385Updated this week
- ☆23Jul 7, 2023Updated 2 years ago
- ☆154Feb 12, 2026Updated 2 weeks ago
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- Active C2 IoCs☆99Nov 28, 2022Updated 3 years ago
- Elastic Security detection content for Endpoint☆1,380Updated this week
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,402Nov 7, 2024Updated last year
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆922Aug 19, 2021Updated 4 years ago
- Collection of rules created using YARA-Signator over Malpedia☆141Jan 6, 2026Updated last month
- ☆553Dec 4, 2023Updated 2 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- ☆512Oct 7, 2024Updated last year
- Dynamic unpacker based on PE-sieve☆796Sep 13, 2025Updated 5 months ago
- Hunt the windows Registry automatically using VQL☆13Jan 6, 2026Updated last month
- Volatility plugin for extracts configuration data of known malware☆495Dec 22, 2023Updated 2 years ago
- Malware Configuration And Payload Extraction☆3,031Updated this week
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆723Dec 26, 2022Updated 3 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆413Nov 8, 2025Updated 3 months ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆694Updated this week
- A golang CLI tool to download malware from a variety of sources.☆151Jul 3, 2025Updated 7 months ago
- Defences against Cobalt Strike☆1,296Jul 14, 2022Updated 3 years ago