fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆157 Updated 10 months ago
Related projects:
- A Python app to predict Att&ck tactics and techniques from cyber threat reports ☆111 Updated 10 months ago
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆119 Updated 5 months ago
- Definition, description and relationship types of MISP objects ☆91 Updated this week
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆135 Updated 6 months ago
- Tool to extract indicators of compromise from security reports in PDF format ☆72 Updated 3 months ago
- STIX2 graph visualisation library in JS ☆72 Updated 2 weeks ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆344 Updated 2 years ago
- A (nearly) production ready Dockered MISP ☆226 Updated 8 months ago
- Sigma rules from Joe Security ☆199 Updated last month
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆108 Updated 5 months ago
- A tool to extract structured cyber information from incident reports. ☆78 Updated 6 years ago
- Swagger/OpenAPI specifications for security products and services ☆73 Updated 2 weeks ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆139 Updated last year
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing ☆104 Updated 8 months ago
- Tools to interact with APTnotes reporting/index. ☆94 Updated 3 years ago
- Security ML models encoded as Yara rules ☆207 Updated last year
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆94 Updated 3 months ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆184 Updated 3 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… ☆59 Updated 9 months ago
- MISP Docker (XME edition) ☆283 Updated 9 months ago
- Sigma Detection Rule Repository ☆84 Updated 4 years ago
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 ☆112 Updated 5 months ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… ☆135 Updated 2 weeks ago
- A CALDERA plugin ☆72 Updated 2 months ago
- OSSEM Detection Model ☆166 Updated last year
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets ☆130 Updated 3 years ago
- OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices ☆50 Updated 5 months ago
- Python API Client for TheHive ☆213 Updated 2 weeks ago