fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆172 · Updated last year
Alternatives and similar repositories for ioc-finder
Users that are interested in ioc-finder are comparing it to the libraries listed below
- A Python app to predict Att&ck tactics and techniques from cyber threat reports ☆126 · Updated last year
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆156 · Updated 6 months ago
- Definition, description and relationship types of MISP objects ☆102 · Updated this week
- Graphics, icons, and diagrams to support STIX 2 ☆47 · Updated 4 years ago
- A tool to extract structured cyber information from incident reports. ☆82 · Updated 7 years ago
- A (nearly) production ready Dockered MISP ☆231 · Updated last year
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆119 · Updated last year
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆135 · Updated last year
- Defanged Indicator of Compromise (IOC) Extractor. ☆552 · Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK. ☆353 · Updated 4 years ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat… ☆62 · Updated last year
- Sigma rules from Joe Security ☆224 · Updated last year
- SIEGMA - Transform Sigma rules into SIEM consumables ☆157 · Updated 7 months ago
- STIX2 graph visualisation library in JS ☆91 · Updated 4 months ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆189 · Updated 4 years ago
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 ☆130 · Updated 3 months ago
- ☆166 · Updated 4 years ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi… ☆97 · Updated 5 months ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. ☆264 · Updated 2 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing ☆105 · Updated last year
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se… ☆91 · Updated this week
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆103 · Updated 3 months ago
- STIX 2.1 Visualizer, Attack and Activity Thread Graph for Threat Modeling ☆33 · Updated 10 months ago
- Tool to extract indicators of compromise from security reports in PDF format ☆74 · Updated last year
- Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space. ☆65 · Updated 2 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets ☆141 · Updated 5 years ago
- Sigma Detection Rule Repository ☆91 · Updated 5 years ago
- Swagger/OpenAPI specifications for security products and services ☆77 · Updated 2 weeks ago
- Import specific data sources into the Sigma generic and open signature format. ☆78 · Updated 3 years ago
- Modules for expansion services, enrichment, import and export in MISP and other tools. ☆361 · Updated 2 weeks ago