Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆182Jun 5, 2026Updated this week
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .☆69Updated this week
- Defanged Indicator of Compromise (IOC) Extractor.☆580Aug 28, 2024Updated last year
- Extract and aggregate threat intelligence.☆914May 26, 2026Updated 2 weeks ago
- Extract indicators of compromise from text, including "escaped" ones.☆163Apr 19, 2020Updated 6 years ago
- A tool to extract structured cyber information from incident reports.☆82Aug 30, 2018Updated 7 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆390May 11, 2022Updated 4 years ago
- Graphics, icons, and diagrams to support STIX 2☆48Jun 2, 2021Updated 5 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- All-in-one bundle of MISP, TheHive and Cortex☆168Sep 27, 2022Updated 3 years ago
- Threat Feed Aggregation, Made Easy☆169Jul 13, 2020Updated 5 years ago
- ☆24Sep 28, 2022Updated 3 years ago
- An open source framework for enterprise level automated analysis.☆392Jun 27, 2022Updated 3 years ago
- Your Everyday Threat Intelligence☆1,991May 15, 2026Updated 3 weeks ago
- TTPDrill focuses on developing automated and context-aware analytics of cyber threat intelligence to accurately learn attack patterns (TT…☆27May 29, 2020Updated 6 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Explore Indicators of Compromise Automatically☆97Feb 27, 2020Updated 6 years ago
- Parse YARA rules and operate over them more easily.☆195Feb 6, 2025Updated last year
- YARA, SIGMA, SNORT Rules based on Malware Analysis☆17Apr 23, 2025Updated last year
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆129Nov 15, 2023Updated 2 years ago
- APTnotes data☆1,791Dec 16, 2024Updated last year
- A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports☆33Aug 21, 2023Updated 2 years ago
- A FUSE module to mount captured network data☆42May 22, 2026Updated 2 weeks ago
- A mapping of used malware names to commonly known family names☆64Feb 21, 2023Updated 3 years ago
- Django web interface for managing Yara rules☆196Jul 28, 2018Updated 7 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- CIF v3 -- the fastest way to consume threat intelligence☆184Apr 20, 2023Updated 3 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…☆43Apr 15, 2024Updated 2 years ago
- ☆24Jul 7, 2023Updated 2 years ago
- Malware/IOC ingestion and processing engine☆110Nov 20, 2018Updated 7 years ago
- Automatic YARA rule generation for Malpedia☆168Sep 8, 2022Updated 3 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆270Mar 17, 2023Updated 3 years ago
- Collection of generic YARA rules☆16Mar 18, 2026Updated 2 months ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆565May 6, 2025Updated last year
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Feb 6, 2024Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A word2vec model trained over Vulners☆16Jan 3, 2022Updated 4 years ago
- Indicator Extractor☆141Jul 14, 2018Updated 7 years ago
- Indicators of Compromises (IOC) of our various investigations☆1,956May 20, 2026Updated 2 weeks ago
- Unfetter Insight performs natural language processing and analysis for text data to determine and convert to CTI Stix data automatically.☆20Sep 4, 2018Updated 7 years ago
- Repository of YARA rules made by Trellix ATR Team☆627Mar 18, 2025Updated last year
- A collection of Python utilities for use in scripts related to working with "indicators of compromise" (IOCs).☆16Dec 19, 2018Updated 7 years ago
- Threat-Intel repository. API: https://github.com/davidonzo/apiosintDS☆164Oct 18, 2024Updated last year