Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆181May 14, 2026Updated this week
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .☆69May 13, 2026Updated last week
- Defanged Indicator of Compromise (IOC) Extractor.☆578Aug 28, 2024Updated last year
- Extract and aggregate threat intelligence.☆910Jan 31, 2024Updated 2 years ago
- Extract indicators of compromise from text, including "escaped" ones.☆163Apr 19, 2020Updated 6 years ago
- A tool to extract structured cyber information from incident reports.☆82Aug 30, 2018Updated 7 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆390May 11, 2022Updated 4 years ago
- Graphics, icons, and diagrams to support STIX 2☆48Jun 2, 2021Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- Threat Feed Aggregation, Made Easy☆169Jul 13, 2020Updated 5 years ago
- ☆24Sep 28, 2022Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆393Jun 27, 2022Updated 3 years ago
- Your Everyday Threat Intelligence☆1,982Updated this week
- TTPDrill focuses on developing automated and context-aware analytics of cyber threat intelligence to accurately learn attack patterns (TT…☆28May 29, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Explore Indicators of Compromise Automatically☆97Feb 27, 2020Updated 6 years ago
- Parse YARA rules and operate over them more easily.☆195Feb 6, 2025Updated last year
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated last year
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆129Nov 15, 2023Updated 2 years ago
- APTnotes data☆1,786Dec 16, 2024Updated last year
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports☆32Aug 21, 2023Updated 2 years ago
- A FUSE module to mount captured network data☆42Jun 20, 2025Updated 11 months ago
- A mapping of used malware names to commonly known family names☆63Feb 21, 2023Updated 3 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- CIF v3 -- the fastest way to consume threat intelligence☆184Apr 20, 2023Updated 3 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…☆43Apr 15, 2024Updated 2 years ago
- ☆23Jul 7, 2023Updated 2 years ago
- Malware/IOC ingestion and processing engine☆110Nov 20, 2018Updated 7 years ago
- Automatic YARA rule generation for Malpedia☆168Sep 8, 2022Updated 3 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆270Mar 17, 2023Updated 3 years ago
- Collection of generic YARA rules☆16Mar 18, 2026Updated 2 months ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆564May 6, 2025Updated last year
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A word2vec model trained over Vulners☆16Jan 3, 2022Updated 4 years ago
- Indicator Extractor☆141Jul 14, 2018Updated 7 years ago
- Indicators of Compromises (IOC) of our various investigations☆1,952Updated this week
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆20Sep 4, 2018Updated 7 years ago
- Repository of YARA rules made by Trellix ATR Team☆627Mar 18, 2025Updated last year
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS☆165Oct 18, 2024Updated last year