fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆158 Updated last year
Related projects
Alternatives and complementary repositories for ioc-finder
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports ☆116 Updated last year
- Tool to extract indicators of compromise from security reports in PDF format ☆72 Updated 5 months ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆346 Updated 3 years ago
- Definition, description and relationship types of MISP objects ☆91 Updated last week
- Tools to interact with APTnotes reporting/index. ☆97 Updated 4 years ago
- Sigma rules from Joe Security ☆203 Updated 2 weeks ago
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆140 Updated this week
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆122 Updated 7 months ago
- STIX2 graph visualisation library in JS ☆85 Updated this week
- OSSEM Detection Model ☆168 Updated 2 years ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆111 Updated 7 months ago
- Swagger/OpenAPI specifications for security products and services ☆73 Updated last month
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing ☆105 Updated 10 months ago
- A tool to extract structured cyber information from incident reports. ☆78 Updated 6 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets ☆132 Updated 4 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi… ☆85 Updated this week
- The FASTEST way to consume threat intel. ☆64 Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆184 Updated 3 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆141 Updated last year
- ☆158 Updated 3 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se… ☆84 Updated last week
- Defanged Indicator of Compromise (IOC) Extractor. ☆506 Updated 2 months ago
- Graph Representation of MITRE ATT&CK's CTI data ☆48 Updated 5 years ago
- MISP Docker (XME edition) ☆283 Updated 11 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆104 Updated 2 weeks ago
- Graphics, icons, and diagrams to support STIX 2 ☆42 Updated 3 years ago
- This script scans the files extracted by Zeek with YARA rules located in the rules folder on a Linux-based Zeek sensor; if there is a mat… ☆60 Updated 11 months ago
- Tool to extract indicators of compromise from security reports in PDF format ☆429 Updated last year
- A (nearly) production-ready Dockered MISP ☆230 Updated 10 months ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆96 Updated 5 months ago