fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆167 · Updated last year
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below
- A python app to predict Att&ck tactics and techniques from cyber threat reports ☆123 · Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆351 · Updated 3 years ago
- Sigma rules from Joe Security ☆216 · Updated 7 months ago
- A (nearly) production ready Dockered MISP ☆232 · Updated last year
- A tool to extract structured cyber information from incident reports. ☆80 · Updated 6 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆151 · Updated 3 months ago
- Tool to extract indicators of compromise from security reports in PDF format ☆72 · Updated last year
- MISP Docker (XME edition) ☆282 · Updated last year
- Definition, description and relationship types of MISP objects ☆99 · Updated this week
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆152 · Updated 2 months ago
- Data from a BRAWL Automated Adversary Emulation Exercise ☆207 · Updated 4 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆102 · Updated 3 weeks ago
- Sigma Detection Rule Repository ☆89 · Updated 5 years ago
- OpenCTI Python Client ☆137 · Updated this week
- Defanged Indicator of Compromise (IOC) Extractor. ☆536 · Updated 10 months ago
- ☆173 · Updated last year
- OSSEM Detection Model ☆176 · Updated 2 years ago
- CASCADE Server ☆271 · Updated 2 years ago
- A CALDERA plugin ☆77 · Updated 3 weeks ago
- ☆165 · Updated 4 years ago
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆129 · Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆188 · Updated 4 years ago
- Tools to interact with APTnotes reporting/index. ☆103 · Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF format ☆436 · Updated 2 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research ☆260 · Updated 6 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… ☆62 · Updated last year
- ☆130 · Updated last year
- A framework for orchestrating forensic collection, processing and data export ☆324 · Updated this week
- IOC from articles, tweets for archives ☆313 · Updated last year
- Modules for expansion services, enrichment, import and export in MISP and other tools. ☆354 · Updated 3 weeks ago