blacklotuslabs/IOCs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

blacklotuslabs/IOCs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/blacklotuslabs/IOCs)

Close

blacklotuslabs / IOCsView on GitHubMore

• External links
• Readme badge

IOCs published by Black Lotus Labs

☆143Jun 10, 2026Updated this week

Alternatives and similar repositories for IOCs

Users that are interested in IOCs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• spydisec / spydithreatintel

  View on GitHub
  Spydi ThreatIntel Feed is built on open-source threat intelligence, community-maintained blocklists, and public security research.
  ☆52Updated this week
• stratosphereips / yara-rules

  View on GitHub
  Repository of Yara rules created by the Stratosphere team
  ☆29Jul 8, 2021Updated 4 years ago
• HarfangLab / iocs

  View on GitHub
  Indicators of compromise
  ☆19May 18, 2026Updated 3 weeks ago
• olafhartong / Invoke-Phant0m

  View on GitHub
  Windows Event Log Killer
  ☆12May 22, 2017Updated 9 years ago
• hpthreatresearch / iocs

  View on GitHub
  Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.
  ☆28Apr 10, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• JPCERTCC / etw-scan

  View on GitHub
  ETW forensic tool for Volatility3 plugin
  ☆17Nov 15, 2024Updated last year
• bitdefender / malware-ioc

  View on GitHub
  Indicators of Compromise for malware documented in whitepapers.
  ☆45May 13, 2026Updated last month
• ThreatLabz / iocs

  View on GitHub
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆79Jan 26, 2026Updated 4 months ago
• sophoslabs / IoCs

  View on GitHub
  Sophos-originated indicators-of-compromise from published reports
  ☆667May 14, 2026Updated last month
• 0xmitsurugi / SandboxingMalware

  View on GitHub
  A malware sandoxed with gdb
  ☆15Jun 27, 2016Updated 9 years ago
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆366Updated this week
• Truesec / Kaseya-CheckandMitigate

  View on GitHub
  This repository contains a script created by Truesec CSIRT team which can be used to identify signs of compromise and to some extent, mit…
  ☆11Jul 7, 2021Updated 4 years ago
• pan-unit42 / tweets

  View on GitHub
  ☆130Jan 29, 2024Updated 2 years ago
• SentineLabs / PowerTrick

  View on GitHub
  This is a repository for the public blog with Labs indicators of compromise and code
  ☆18Jan 8, 2020Updated 6 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• gendigitalinc / ioc

  View on GitHub
  Threat Intel IoCs + bits and pieces of dark matter. Published by Gen Threat Labs.
  ☆452Jun 1, 2026Updated 2 weeks ago
• PwCUK-CTO / SANSCTISummit2021-xStart

  View on GitHub
  Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
  ☆14Jul 12, 2021Updated 4 years ago
• Squiblydoo / MalAPIReader

  View on GitHub
  Reads and prints information from the website MalAPI.io
  ☆22Jul 14, 2022Updated 3 years ago
• center-for-threat-informed-defense / attack-sync

  View on GitHub
  ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…
  ☆28May 19, 2026Updated 3 weeks ago
• SIFalcon / Detection

  View on GitHub
  ☆24Jul 7, 2023Updated 2 years ago
• 0xDanielLopez / TweetFeed

  View on GitHub
  TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains…
  ☆659Updated this week
• Yamato-Security / hayabusa-rules

  View on GitHub
  Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
  ☆219Updated this week
• silascutler / DetuxNG

  View on GitHub
  The Multiplatform Linux Sandbox
  ☆16Dec 19, 2023Updated 2 years ago
• tylabs / cryptam

  View on GitHub
  cryptam document malware analysis tool
  ☆13Jun 18, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• deadbits / yara-rules

  View on GitHub
  Collection of YARA signatures from individual research
  ☆44Nov 20, 2023Updated 2 years ago
• pimdegroot / homeclimate

  View on GitHub
  Repository for the home climate monitoring I built
  ☆17Jul 9, 2019Updated 6 years ago
• carbonblack / active_c2_ioc_public

  View on GitHub
  Active C2 IoCs
  ☆100Nov 28, 2022Updated 3 years ago
• mantvydasb / c-playground

  View on GitHub
  C & Shellcode Playground..
  ☆10Dec 2, 2017Updated 8 years ago
• LETHAL-FORENSICS / MemProcFS-Analyzer

  View on GitHub
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆719May 2, 2026Updated last month
• 3c7 / yaramanager

  View on GitHub
  Simple yara rule manager
  ☆67Dec 27, 2022Updated 3 years ago
• drb-ra / C2IntelFeeds

  View on GitHub
  Automatically created C2 Feeds
  ☆721Updated this week
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆920Nov 3, 2025Updated 7 months ago
• stairwell-inc / threat-research

  View on GitHub
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆23Jan 31, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• google / threat-team

  View on GitHub
  No longer maintained. Please refer to Google Threat Intelligence / Virus Total collections.
  ☆66Apr 3, 2026Updated 2 months ago
• openhunting-io / ohcti-malwareinfra

  View on GitHub
  Threat Hunting Malware Infrastructure
  ☆11Dec 3, 2023Updated 2 years ago
• InQuest / iocextract

  View on GitHub
  Defanged Indicator of Compromise (IOC) Extractor.
  ☆580Aug 28, 2024Updated last year
• SkillAegis / SkillAegis

  View on GitHub
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆38Jun 5, 2026Updated last week
• blacklotuslabs / Research

  View on GitHub
  The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.
  ☆12Jun 18, 2021Updated 4 years ago
• projectdiscovery / smb

  View on GitHub
  An SMB library in Go
  ☆13Oct 27, 2022Updated 3 years ago
• vertexproject / synapse-quickstart

  View on GitHub
  Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.
  ☆52May 16, 2022Updated 4 years ago