blacklotuslabs / IOCs
IOCs published by Black Lotus Labs
☆119Updated 3 months ago
Alternatives and similar repositories for IOCs:
Users that are interested in IOCs are comparing it to the libraries listed below
- A python script developed to process Windows memory images based on triage type.☆262Updated last year
- ☆68Updated 2 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆155Updated 3 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆63Updated 2 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆201Updated 2 years ago
- A GUI to query the API of abuse.ch.☆70Updated 2 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆280Updated 8 months ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- ☆130Updated last year
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆86Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago
- Digital Forensics Artifacts Knowledge Base☆81Updated 11 months ago
- BlackBerry Threat Research & Intelligence☆98Updated last year
- Sigma rules to share with the community☆119Updated 2 months ago
- ☆201Updated 5 months ago
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆146Updated last year
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆72Updated 5 months ago
- IOC Collection 2022☆57Updated 2 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆130Updated 3 years ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆103Updated 6 months ago
- A GeoIP lookup utility utilizing ipinfo.io services.☆87Updated last year
- A repo hosting the Markua content for the EZ Tools manuals hosted on Leanpub☆70Updated last year
- Active C&C Detector☆153Updated last year
- ☆96Updated 4 months ago
- Detection Ideas & Rules repository.☆179Updated 3 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆151Updated last year
- Welcome to the SEKOIA.IO Community repository!☆149Updated last week
- Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service - https…☆126Updated last year
- Rules generated from our investigations.☆194Updated last month