fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆164 Updated last year
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports ☆121 Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆352 Updated 3 years ago
- Sigma rules from Joe Security ☆214 Updated 6 months ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆188 Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆151 Updated 2 months ago
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆128 Updated last year
- Tool to extract indicators of compromise from security reports in PDF format ☆72 Updated 11 months ago
- Mapping NSM rules to MITRE ATT&CK ☆71 Updated 4 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise ☆206 Updated 4 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi… ☆93 Updated this week
- Definition, description and relationship types of MISP objects ☆100 Updated last week
- ☆164 Updated 4 years ago
- Security ML models encoded as Yara rules ☆214 Updated last year
- A (nearly) production ready Dockered MISP ☆231 Updated last year
- Python API Client for TheHive ☆226 Updated this week
- Sigma Detection Rule Repository ☆88 Updated 4 years ago
- Modules for expansion services, enrichment, import and export in MISP and other tools. ☆354 Updated last week
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆151 Updated last month
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… ☆62 Updated last year
- OSSEM Detection Model ☆176 Updated 2 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆102 Updated 2 weeks ago
- A tool to extract structured cyber information from incident reports. ☆80 Updated 6 years ago
- ☆116 Updated last year
- PCAP Samples for Different Post Exploitation Techniques ☆360 Updated 4 years ago
- IOC from articles, tweets for archives ☆313 Updated last year
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 ☆125 Updated 6 months ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆116 Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing ☆105 Updated last year
- Defanged Indicator of Compromise (IOC) Extractor. ☆531 Updated 9 months ago
- CASCADE Server ☆270 Updated 2 years ago