fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore the interactive documentation here: https://hightower.space/ioc-finder/
☆164, updated last year
Alternatives and similar repositories for ioc-finder:
Users interested in ioc-finder are comparing it to the libraries listed below.
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports (☆120, updated last year)
- Definition, description and relationship types of MISP objects (☆97, updated 3 weeks ago)
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python (☆128, updated last year)
- Tool to extract indicators of compromise from security reports in PDF format (☆72, updated 10 months ago)
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) (☆100, updated 3 months ago)
- Sigma rules from Joe Security (☆209, updated 6 months ago)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆149, updated last month)
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. (☆349, updated 3 years ago)
- Tools to interact with APTnotes reporting/index. (☆103, updated 4 years ago)
- A tool to extract structured cyber information from incident reports. (☆80, updated 6 years ago)
- Swagger/OpenAPI specifications for security products and services (☆76, updated last month)
- Tool to extract indicators of compromise from security reports in PDF format (☆434, updated 2 years ago)
- A (nearly) production ready Dockered MISP (☆231, updated last year)
- Mapping NSM rules to MITRE ATT&CK (☆71, updated 4 years ago)
- A CALDERA plugin (☆76, updated 2 weeks ago)
- Repository containing IOCs, CSV and MISP JSON from our blogs (☆81, updated 3 years ago)
- Import specific data sources into the Sigma generic and open signature format. (☆78, updated 3 years ago)
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets (☆137, updated 4 years ago)
- Sigma Detection Rule Repository (☆87, updated 4 years ago)
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) (☆187, updated 4 years ago)
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats (☆53, updated last week)
- OSSEM Detection Model (☆178, updated 2 years ago)
- Security ML models encoded as Yara rules (☆214, updated last year)
- A Splunk app to use MISP in background (☆110, updated last month)
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 (☆125, updated 6 months ago)
- Defanged Indicator of Compromise (IOC) Extractor. (☆529, updated 8 months ago)
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python (☆114, updated last year)
- TAXII server implementation in Python from EclecticIQ (☆197, updated last year)
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… (☆61, updated last year)