blacklotuslabs/IOCs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

blacklotuslabs/IOCs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/blacklotuslabs/IOCs)

Close

blacklotuslabs / IOCsView on GitHubMore

• External links
• Readme badge

IOCs published by Black Lotus Labs

☆140Apr 8, 2026Updated last week

Alternatives and similar repositories for IOCs

Users that are interested in IOCs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• spydisec / spydithreatintel

  View on GitHub
  Spydi ThreatIntel Feed is built on open-source threat intelligence, community-maintained blocklists, and public security research.
  ☆51Updated this week
• stratosphereips / yara-rules

  View on GitHub
  Repository of Yara rules created by the Stratosphere team
  ☆29Jul 8, 2021Updated 4 years ago
• HarfangLab / iocs

  View on GitHub
  Indicators of compromise
  ☆17Jan 29, 2026Updated 2 months ago
• mlodic / ursnif_beacon_decryptor

  View on GitHub
  Ursnif beacon decryptor
  ☆27Mar 20, 2023Updated 3 years ago
• olafhartong / Invoke-Phant0m

  View on GitHub
  Windows Event Log Killer
  ☆12May 22, 2017Updated 8 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• hpthreatresearch / iocs

  View on GitHub
  Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.
  ☆29Apr 10, 2024Updated 2 years ago
• JPCERTCC / etw-scan

  View on GitHub
  ETW forensic tool for Volatility3 plugin
  ☆17Nov 15, 2024Updated last year
• bitdefender / malware-ioc

  View on GitHub
  Indicators of Compromise for malware documented in whitepapers.
  ☆46Apr 1, 2026Updated last week
• ThreatLabz / iocs

  View on GitHub
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆79Jan 26, 2026Updated 2 months ago
• hausec / CobaltStrikeToGhostWriter

  View on GitHub
  Log converter from CS log to Ghostwriter CSV
  ☆31Nov 23, 2020Updated 5 years ago
• sophoslabs / IoCs

  View on GitHub
  Sophos-originated indicators-of-compromise from published reports
  ☆656Mar 31, 2026Updated 2 weeks ago
• 0xmitsurugi / SandboxingMalware

  View on GitHub
  A malware sandoxed with gdb
  ☆15Jun 27, 2016Updated 9 years ago
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆366Dec 4, 2025Updated 4 months ago
• Truesec / Kaseya-CheckandMitigate

  View on GitHub
  This repository contains a script created by Truesec CSIRT team which can be used to identify signs of compromise and to some extent, mit…
  ☆11Jul 7, 2021Updated 4 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• pan-unit42 / tweets

  View on GitHub
  ☆130Jan 29, 2024Updated 2 years ago
• SentineLabs / PowerTrick

  View on GitHub
  This is a repository for the public blog with Labs indicators of compromise and code
  ☆18Jan 8, 2020Updated 6 years ago
• gendigitalinc / ioc

  View on GitHub
  Threat Intel IoCs + bits and pieces of dark matter. Published by Gen Threat Labs.
  ☆445Apr 7, 2026Updated last week
• PwCUK-CTO / SANSCTISummit2021-xStart

  View on GitHub
  Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".
  ☆14Jul 12, 2021Updated 4 years ago
• Squiblydoo / MalAPIReader

  View on GitHub
  Reads and prints information from the website MalAPI.io
  ☆20Jul 14, 2022Updated 3 years ago
• center-for-threat-informed-defense / attack-sync

  View on GitHub
  ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…
  ☆24Dec 5, 2025Updated 4 months ago
• SIFalcon / Detection

  View on GitHub
  ☆23Jul 7, 2023Updated 2 years ago
• 0xDanielLopez / TweetFeed

  View on GitHub
  TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains…
  ☆650Updated this week
• Yamato-Security / hayabusa-rules

  View on GitHub
  Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.
  ☆215Apr 1, 2026Updated last week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• silascutler / DetuxNG

  View on GitHub
  The Multiplatform Linux Sandbox
  ☆16Dec 19, 2023Updated 2 years ago
• tylabs / cryptam

  View on GitHub
  cryptam document malware analysis tool
  ☆13Jun 18, 2023Updated 2 years ago
• deadbits / yara-rules

  View on GitHub
  Collection of YARA signatures from individual research
  ☆44Nov 20, 2023Updated 2 years ago
• pimdegroot / homeclimate

  View on GitHub
  Repository for the home climate monitoring I built
  ☆17Jul 9, 2019Updated 6 years ago
• carbonblack / active_c2_ioc_public

  View on GitHub
  Active C2 IoCs
  ☆99Nov 28, 2022Updated 3 years ago
• drb-ra / C2IntelFeeds

  View on GitHub
  Automatically created C2 Feeds
  ☆671Updated this week
• LETHAL-FORENSICS / MemProcFS-Analyzer

  View on GitHub
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆702Oct 22, 2025Updated 5 months ago
• mantvydasb / c-playground

  View on GitHub
  C & Shellcode Playground..
  ☆10Dec 2, 2017Updated 8 years ago
• 3c7 / yaramanager

  View on GitHub
  Simple yara rule manager
  ☆67Dec 27, 2022Updated 3 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆900Nov 3, 2025Updated 5 months ago
• google / threat-team

  View on GitHub
  No longer maintained. Please refer to Google Threat Intelligence / Virus Total collections.
  ☆63Apr 3, 2026Updated last week
• InQuest / iocextract

  View on GitHub
  Defanged Indicator of Compromise (IOC) Extractor.
  ☆575Aug 28, 2024Updated last year
• openhunting-io / ohcti-malwareinfra

  View on GitHub
  Threat Hunting Malware Infrastructure
  ☆11Dec 3, 2023Updated 2 years ago
• sophoslabs / metasploit_gather_exchange

  View on GitHub
  Metasploit Post-Exploitation Gather module for Exchange Server
  ☆25Mar 26, 2021Updated 5 years ago
• blacklotuslabs / Research

  View on GitHub
  The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.
  ☆12Jun 18, 2021Updated 4 years ago
• SkillAegis / SkillAegis

  View on GitHub
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆37Oct 21, 2025Updated 5 months ago