Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆180Apr 23, 2026Updated this week
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .☆68Oct 2, 2023Updated 2 years ago
- Defanged Indicator of Compromise (IOC) Extractor.☆576Aug 28, 2024Updated last year
- Extract and aggregate threat intelligence.☆911Jan 31, 2024Updated 2 years ago
- Extract indicators of compromise from text, including "escaped" ones.☆162Apr 19, 2020Updated 6 years ago
- A tool to extract structured cyber information from incident reports.☆82Aug 30, 2018Updated 7 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆391May 11, 2022Updated 3 years ago
- Graphics, icons, and diagrams to support STIX 2☆48Jun 2, 2021Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- Threat Feed Aggregation, Made Easy☆169Jul 13, 2020Updated 5 years ago
- ☆24Sep 28, 2022Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆393Jun 27, 2022Updated 3 years ago
- Your Everyday Threat Intelligence☆1,974Apr 14, 2026Updated 2 weeks ago
- TTPDrill focuses on developing automated and context-aware analytics of cyber threat intelligence to accurately learn attack patterns (TT…☆28May 29, 2020Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Explore Indicators of Compromise Automatically☆97Feb 27, 2020Updated 6 years ago
- Parse YARA rules and operate over them more easily.☆195Feb 6, 2025Updated last year
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated last year
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆127Nov 15, 2023Updated 2 years ago
- APTnotes data☆1,786Dec 16, 2024Updated last year
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports☆32Aug 21, 2023Updated 2 years ago
- A FUSE module to mount captured network data☆42Jun 20, 2025Updated 10 months ago
- A mapping of used malware names to commonly known family names☆63Feb 21, 2023Updated 3 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- CIF v3 -- the fastest way to consume threat intelligence☆183Apr 20, 2023Updated 3 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…☆43Apr 15, 2024Updated 2 years ago
- ☆23Jul 7, 2023Updated 2 years ago
- Malware/IOC ingestion and processing engine☆110Nov 20, 2018Updated 7 years ago
- Automatic YARA rule generation for Malpedia☆168Sep 8, 2022Updated 3 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆270Mar 17, 2023Updated 3 years ago
- Collection of generic YARA rules☆16Mar 18, 2026Updated last month
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆561May 6, 2025Updated 11 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A word2vec model trained over Vulners☆16Jan 3, 2022Updated 4 years ago
- Indicator Extractor☆141Jul 14, 2018Updated 7 years ago
- Indicators of Compromises (IOC) of our various investigations☆1,946Apr 23, 2026Updated last week
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆20Sep 4, 2018Updated 7 years ago
- Repository of YARA rules made by Trellix ATR Team☆627Mar 18, 2025Updated last year
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS☆163Oct 18, 2024Updated last year