fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆164 Updated last year
Alternatives and similar repositories for ioc-finder:
Users that are interested in ioc-finder are comparing it to the libraries listed below
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports ☆119 Updated last year
- Sigma rules from Joe Security ☆207 Updated 5 months ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆349 Updated 3 years ago
- Tools to interact with APTnotes reporting/index. ☆100 Updated 4 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆100 Updated 2 months ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. ☆261 Updated 2 years ago
- Definition, description and relationship types of MISP objects ☆96 Updated last week
- A tool to extract structured cyber information from incident reports. ☆80 Updated 6 years ago
- A (nearly) production ready Dockered MISP ☆231 Updated last year
- Mapping NSM rules to MITRE ATT&CK ☆70 Updated 4 years ago
- Defanged Indicator of Compromise (IOC) Extractor. ☆524 Updated 7 months ago
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆147 Updated 4 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆149 Updated 3 weeks ago
- ☆27 Updated 4 years ago
- ☆172 Updated 9 months ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆186 Updated 3 years ago
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆128 Updated 11 months ago
- Tool to extract indicators of compromise from security reports in PDF format ☆71 Updated 9 months ago
- STIX2 graph visualisation library in JS ☆90 Updated 2 months ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆113 Updated 11 months ago
- Swagger/OpenAPI specifications for security products and services ☆75 Updated last week
- OSSEM Detection Model ☆177 Updated 2 years ago
- A Python package to interact with the Mitre ATT&CK Framework ☆475 Updated last year
- ☆128 Updated 3 years ago
- CASCADE Server ☆268 Updated 2 years ago
- Tool to extract indicators of compromise from security reports in PDF format ☆434 Updated 2 years ago
- A CALDERA plugin ☆76 Updated 3 weeks ago
- Sigma Detection Rule Repository ☆87 Updated 4 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research ☆260 Updated 6 years ago
- Modules for expansion services, enrichment, import and export in MISP and other tools. ☆354 Updated this week