Alternatives and similar repositories for ioc-finder

Users that are interested in ioc-finder are comparing it to the libraries listed below

• ioc-fang / ioc-fanger

  View on GitHub
  Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .
  ☆68Oct 2, 2023Updated 2 years ago
• InQuest / iocextract

  View on GitHub
  Defanged Indicator of Compromise (IOC) Extractor.
  ☆564Aug 28, 2024Updated last year
• InQuest / ThreatIngestor

  View on GitHub
  Extract and aggregate threat intelligence.
  ☆902Jan 31, 2024Updated 2 years ago
• InQuest / yara-rules

  View on GitHub
  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
  ☆388May 11, 2022Updated 3 years ago
• TheHive-Project / Hippocampe

  View on GitHub
  Threat Feed Aggregation, Made Easy
  ☆169Jul 13, 2020Updated 5 years ago
• plyara / plyara

  View on GitHub
  Parse YARA rules and operate over them more easily.
  ☆195Feb 6, 2025Updated last year
• cmu-sei / cyobstract

  View on GitHub
  A tool to extract structured cyber information from incident reports.
  ☆82Aug 30, 2018Updated 7 years ago
• fkie-cad / pcapFS

  View on GitHub
  A FUSE module to mount captured network data
  ☆41Jun 20, 2025Updated 7 months ago
• PUNCH-Cyber / stoq

  View on GitHub
  An open source framework for enterprise level automated analysis.
  ☆393Jun 27, 2022Updated 3 years ago
• pe3zx / mthc

  View on GitHub
  All-in-one bundle of MISP, TheHive and Cortex
  ☆169Sep 27, 2022Updated 3 years ago
• yeti-platform / yeti

  View on GitHub
  Your Everyday Threat Intelligence
  ☆1,949Updated this week
• tenzir / threatbus

  View on GitHub
  🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.
  ☆269Mar 17, 2023Updated 2 years ago
• certtools / malware_name_mapping

  View on GitHub
  A mapping of used malware names to commonly known family names
  ☆62Feb 21, 2023Updated 2 years ago
• assafmo / xioc

  View on GitHub
  Extract indicators of compromise from text, including "escaped" ones.
  ☆162Apr 19, 2020Updated 5 years ago
• csirtgadgets / bearded-avenger

  View on GitHub
  CIF v3 -- the fastest way to consume threat intelligence
  ☆183Apr 20, 2023Updated 2 years ago
• freetaxii / stix2-graphics

  View on GitHub
  Graphics, icons, and diagrams to support STIX 2
  ☆48Jun 2, 2021Updated 4 years ago
• JPMinty / Detection_Engineering_Signatures

  View on GitHub
  YARA, SIGMA, SNORT Rules based on Malware Analysis
  ☆16Apr 23, 2025Updated 9 months ago
• sk4la / plast

  View on GitHub
  Modular command-line threat hunting tool & framework.
  ☆17Jul 20, 2020Updated 5 years ago
• SIFalcon / Detection

  View on GitHub
  ☆22Jul 7, 2023Updated 2 years ago
• armbues / ioc_parser

  View on GitHub
  Tool to extract indicators of compromise from security reports in PDF format
  ☆439Feb 24, 2023Updated 2 years ago
• PUNCH-Cyber / YaraGuardian

  View on GitHub
  Django web interface for managing Yara rules
  ☆197Jul 28, 2018Updated 7 years ago
• 3c7 / infrastructure-tracking-schema

  View on GitHub
  ☆24Sep 28, 2022Updated 3 years ago
• oasis-open / cti-stix-generator

  View on GitHub
  OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…
  ☆43Apr 15, 2024Updated last year
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆623Mar 18, 2025Updated 10 months ago
• Mhackiori / STIXnet

  View on GitHub
  A Novel and Modular Solution for Extracting All STIX Objects in CTI Reports
  ☆28Aug 21, 2023Updated 2 years ago
• KaiLiu-Leo / TTPDrill-0.5

  View on GitHub
  TTPDrill focuses on developing automated and context-aware analytics of cyber threat intelligence to accurately learn attack patterns (TT…
  ☆28May 29, 2020Updated 5 years ago
• aptnotes / data

  View on GitHub
  APTnotes data
  ☆1,771Dec 16, 2024Updated last year
• fxb-cocacoding / yara-signator

  View on GitHub
  Automatic YARA rule generation for Malpedia
  ☆168Sep 8, 2022Updated 3 years ago
• MISP / PyMISPWarningLists

  View on GitHub
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Jan 8, 2026Updated last month
• silascutler / MalPipe

  View on GitHub
  Malware/IOC ingestion and processing engine
  ☆109Nov 20, 2018Updated 7 years ago
• OTRF / sigma

  View on GitHub
  Generic Signature Format for SIEM Systems
  ☆14Oct 27, 2021Updated 4 years ago
• Elemental-attack / Elemental

  View on GitHub
  Elemental - An ATT&CK Threat Library
  ☆318Dec 8, 2022Updated 3 years ago
• eset / malware-ioc

  View on GitHub
  Indicators of Compromises (IOC) of our various investigations
  ☆1,914Jan 30, 2026Updated 2 weeks ago
• vlegoy / rcATT

  View on GitHub
  A python app to predict Att&ck tactics and techniques from cyber threat reports
  ☆128Nov 15, 2023Updated 2 years ago
• Shuffle / python-apps

  View on GitHub
  Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:
  ☆123Feb 8, 2026Updated last week
• telekom-security / malware_analysis

  View on GitHub
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆117Dec 13, 2023Updated 2 years ago
• certsocietegenerale / fame

  View on GitHub
  FAME Automates Malware Evaluation
  ☆926Dec 16, 2025Updated last month
• dfirtrack / dfirtrack

  View on GitHub
  DFIRTrack - The Incident Response Tracking Application
  ☆532Jan 13, 2026Updated last month
• karttoon / iocs

  View on GitHub
  IoC's, PCRE's, YARA's etc
  ☆24Mar 25, 2025Updated 10 months ago