blacklotuslabs / IOCsLinks
IOCs published by Black Lotus Labs
☆121Updated 2 weeks ago
Alternatives and similar repositories for IOCs
Users that are interested in IOCs are comparing it to the libraries listed below
Sorting:
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Updated 3 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆73Updated 6 months ago
- ☆69Updated 3 months ago
- Sigma rules to share with the community☆122Updated 4 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- BlackBerry Threat Research & Intelligence☆98Updated last year
- Anything Sysmon related from the MSTIC R&D team☆153Updated 11 months ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆202Updated 2 years ago
- ☆131Updated last week
- Welcome to the SEKOIA.IO Community repository!☆155Updated last month
- MISP Playbooks☆201Updated 3 months ago
- LOKI2 - Simple IOC and YARA Scanner☆93Updated 10 months ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆105Updated 7 months ago
- ☆130Updated last year
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆78Updated last week
- Initial triage of Windows Event logs☆99Updated 11 months ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆138Updated 10 months ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆166Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆95Updated 2 years ago
- Forensic Artifact Collection Tool Matrix☆85Updated 6 months ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆313Updated 3 weeks ago
- Digital Forensics Artifacts Knowledge Base☆81Updated last year
- A guide on how to write fast and memory friendly YARA rules☆144Updated 3 months ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- ☆96Updated last month
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆146Updated last year
- YARA rule analyzer to improve rule quality and performance☆101Updated last month
- Rules generated from our investigations.☆195Updated this week