IOCs published by Black Lotus Labs
☆136Mar 16, 2026Updated last week
Alternatives and similar repositories for IOCs
Users that are interested in IOCs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A repository dedicated to sharing Indicators of Compromise (IOCs) from production systems experiencing security incidents and OSINT feeds…☆48Updated this week
- Repository of Yara rules created by the Stratosphere team☆29Jul 8, 2021Updated 4 years ago
- Indicators of compromise☆17Jan 29, 2026Updated last month
- Ursnif beacon decryptor☆27Mar 20, 2023Updated 3 years ago
- Windows Event Log Killer☆12May 22, 2017Updated 8 years ago
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.☆29Apr 10, 2024Updated last year
- ETW forensic tool for Volatility3 plugin☆17Nov 15, 2024Updated last year
- Indicators of Compromise for malware documented in whitepapers.☆45Mar 5, 2026Updated 2 weeks ago
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆78Jan 26, 2026Updated last month
- Sophos-originated indicators-of-compromise from published reports☆652Jan 16, 2026Updated 2 months ago
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago
- A malware sandoxed with gdb☆15Jun 27, 2016Updated 9 years ago
- Signatures and IoCs from public Volexity blog posts.☆366Dec 4, 2025Updated 3 months ago
- This repository contains a script created by Truesec CSIRT team which can be used to identify signs of compromise and to some extent, mit…☆11Jul 7, 2021Updated 4 years ago
- ☆129Jan 29, 2024Updated 2 years ago
- This is a repository for the public blog with Labs indicators of compromise and code☆18Jan 8, 2020Updated 6 years ago
- Threat Intel IoCs + bits and pieces of dark matter. Published by Gen Threat Labs.☆438Updated this week
- Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".☆14Jul 12, 2021Updated 4 years ago
- Reads and prints information from the website MalAPI.io☆20Jul 14, 2022Updated 3 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆24Dec 5, 2025Updated 3 months ago
- ☆23Jul 7, 2023Updated 2 years ago
- TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains…☆645Updated this week
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆215Updated this week
- Labs built in docker to cover NSE lessons☆11Nov 24, 2023Updated 2 years ago
- The Multiplatform Linux Sandbox��☆16Dec 19, 2023Updated 2 years ago
- cryptam document malware analysis tool☆12Jun 18, 2023Updated 2 years ago
- Collection of YARA signatures from individual research☆44Nov 20, 2023Updated 2 years ago
- Repository for the home climate monitoring I built☆17Jul 9, 2019Updated 6 years ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆701Oct 22, 2025Updated 5 months ago
- Automatically created C2 Feeds☆667Updated this week
- Active C2 IoCs☆99Nov 28, 2022Updated 3 years ago
- C & Shellcode Playground..☆10Dec 2, 2017Updated 8 years ago
- Simple yara rule manager☆67Dec 27, 2022Updated 3 years ago
- ReversingLabs YARA Rules☆900Nov 3, 2025Updated 4 months ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- Threat Hunting Malware Infrastructure☆11Dec 3, 2023Updated 2 years ago
- Defanged Indicator of Compromise (IOC) Extractor.☆571Aug 28, 2024Updated last year
- IOCs from Google Threat Intelligence Group☆62Oct 9, 2025Updated 5 months ago
- Metasploit Post-Exploitation Gather module for Exchange Server☆25Mar 26, 2021Updated 4 years ago