fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆164 · Updated last year
Alternatives and similar repositories for ioc-finder:
Users who are interested in ioc-finder are comparing it to the libraries listed below:
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports ☆120 · Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆349 · Updated 3 years ago
- Definition, description and relationship types of MISP objects ☆96 · Updated last week
- Sigma rules from Joe Security ☆209 · Updated 5 months ago
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆128 · Updated last year
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆148 · Updated this week
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆114 · Updated last year
- A (nearly) production ready Dockered MISP ☆231 · Updated last year
- Tool to extract indicators of compromise from security reports in PDF format ☆72 · Updated 10 months ago
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 ☆124 · Updated 5 months ago
- Defanged Indicator of Compromise (IOC) Extractor. ☆528 · Updated 7 months ago
- Swagger/OpenAPI specifications for security products and services ☆75 · Updated 3 weeks ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆149 · Updated last month
- OSSEM Detection Model ☆177 · Updated 2 years ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools. ☆261 · Updated 2 years ago
- Sigma Detection Rule Repository ☆87 · Updated 4 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets ☆137 · Updated 4 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac) ☆187 · Updated 3 years ago
- Repository containing IOCs, CSV and MISP JSON from our blogs ☆81 · Updated 3 years ago
- Mapping NSM rules to MITRE ATT&CK ☆71 · Updated 4 years ago
- ☆164 · Updated 4 years ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆100 · Updated 3 months ago
- A tool to extract structured cyber information from incident reports. ☆80 · Updated 6 years ago
- ☆125 · Updated last year
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project ☆53 · Updated this week
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… ☆143 · Updated 7 months ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing ☆105 · Updated last year
- Graph Representation of MITRE ATT&CK's CTI data ☆48 · Updated 5 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆51 · Updated 2 years ago
- MISP Docker (XME edition) ☆282 · Updated last year