fhightower / ioc-finderLinks
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆168Updated last year
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below
Sorting:
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆125Updated last year
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python☆132Updated last year
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships☆154Updated 4 months ago
- A tool to extract structured cyber information from incident reports.☆80Updated 7 years ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆353Updated 3 years ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python☆116Updated last year
- Definition, description and relationship types of MISP objects☆100Updated last month
- A (nearly) production ready Dockered MISP☆232Updated last year
- Sigma rules from Joe Security☆219Updated 10 months ago
- Defanged Indicator of Compromise (IOC) Extractor.☆546Updated last year
- Graphics, icons, and diagrams to support STIX 2☆47Updated 4 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated last year
- STIX2 graph visualisation library in JS☆91Updated 2 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆62Updated last year
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2☆127Updated last month
- Mapping NSM rules to MITRE ATT&CK☆71Updated 5 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)☆102Updated 2 months ago
- Tool to extract indicators of compromise from security reports in PDF format☆73Updated last year
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆90Updated 2 weeks ago
- The FASTEST way to consume threat intel.☆68Updated 2 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆189Updated 4 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- OpenCTI Python Client☆143Updated this week
- Modules for expansion services, enrichment, import and export in MISP and other tools.☆355Updated last week
- ☆175Updated last year
- Tools to interact with APTnotes reporting/index.☆104Updated 4 years ago
- Cortex Analyzers Repository☆466Updated last week
- SIEGMA - Transform Sigma rules into SIEM consumables☆155Updated 6 months ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling☆33Updated 9 months ago
- MISP Docker (XME edition)☆282Updated last year