Alternatives and similar repositories for IOCs

Users that are interested in IOCs are comparing it to the libraries listed below

• The-DFIR-Report / Yara-Rules
  ☆68Updated 4 months ago
• CrowdStrike / SuperMem
  A python script developed to process Windows memory images based on triage type.
  ☆262Updated last year
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 7 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• Neo23x0 / Loki2
  LOKI2 - Simple IOC and YARA Scanner
  ☆94Updated 11 months ago
• NextronSystems / thor-lite
  Fast IOC and YARA Scanner
  ☆80Updated 5 years ago
• infobloxopen / threat-intelligence
  ☆85Updated 2 weeks ago
• mandiant / thiri-notebook
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆155Updated 3 years ago
• hashlookup / hashlookup-forensic-analyser
  Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…
  ☆126Updated last year
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆122Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆77Updated 2 years ago
• huebicode / abuselookup-gui
  A GUI to query the API of abuse.ch.
  ☆70Updated 2 years ago
• Censys-Research / censeye
  ☆143Updated 3 weeks ago
• pan-unit42 / tweets
  ☆130Updated last year
• abusech / ThreatFox
  Open IOC sharing platform
  ☆55Updated 7 months ago
• hpthreatresearch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆146Updated last year
• The-DFIR-Report / Sigma-Rules
  Rules generated from our investigations.
  ☆196Updated last week
• Cyb3r-Monk / RITA-J
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆203Updated 2 years ago
• pr0xylife / Qakbot
  ☆196Updated last year
• elastic / labs-releases
  Elastic Security Labs releases
  ☆68Updated last week
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 3 years ago
• ForensicArtifacts / artifacts-kb
  Digital Forensics Artifacts Knowledge Base
  ☆82Updated last year
• StrangerealIntel / EternalLiberty
  ☆204Updated 3 weeks ago
• cado-security / rip_raw
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆131Updated 3 years ago
• microsoft / MSTIC-Sysmon
  Anything Sysmon related from the MSTIC R&D team
  ☆153Updated last year
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆167Updated 2 years ago
• SEKOIA-IO / Community
  Welcome to the SEKOIA.IO Community repository!
  ☆157Updated last week
• swisscom / ArtifactCollectionMatrix
  Forensic Artifact Collection Tool Matrix
  ☆85Updated 7 months ago
• theflakes / reg_hunter
  Blueteam operational triage registry hunting/forensic tool.
  ☆148Updated 2 years ago
• joeavanzato / LogBoost
  Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…
  ☆107Updated 8 months ago