fhightower / ioc-finder
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
☆161 · Updated last year
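The description above says ioc-finder parses observables with grammars rather than regexes. What follows is an added illustration of that approach written for this page; it is not ioc-finder's code and does not use its API. Each observable type is one small hand-written recursive-descent function (URL, IPv4 address, domain, MD5/SHA-1/SHA-256 hash), common defanged spellings are refanged first, and the scanner runs over a constructed sample report. The grammar, the `DEFANG` table, the sample text, and all function names are assumptions made for this example.

```python
"""Grammar-style IOC extraction: a constructed example for this page, not ioc-finder's code.
Each production is one recursive-descent function returning ([(kind, value), ...], end) or None:
  url    := scheme "://" (ipv4 | domain) path?   scheme in {http, https, ftp}
  ipv4   := octet "." octet "." octet "." octet  (1-3 digits each, value 0..255)
  domain := label ("." label)+                   (last label alphabetic, 2+ chars)
  hash   := hex{32} | hex{40} | hex{64}          (MD5 / SHA-1 / SHA-256)
Defanged spellings (hxxp, [.], (.), {.}, [:]) are refanged before parsing.
"""
import string

HEX = set(string.hexdigits)
ALNUM = set(string.ascii_letters + string.digits)
LABEL = ALNUM | {"-"}
PATH = ALNUM | set("-._~:/?#@!$&'()*+,;=%")
TRAIL = set(".,;:)'\"")  # sentence punctuation that should not be kept inside a URL
# Assumed defanging table for this example; real reports use many more variants.
DEFANG = {"hxxp": "http", "hXXp": "http", "[.]": ".", "(.)": ".", "{.}": ".", "[:]": ":"}

def refang(text):
    # Undo common defanging so the grammar sees well-formed indicators.
    for defanged, clean in DEFANG.items():
        text = text.replace(defanged, clean)
    return text

def parse_ipv4(s, i):
    octets, j = [], i
    for n in range(4):
        k = j
        while k < len(s) and k - j < 3 and s[k].isdigit():
            k += 1
        if k == j or int(s[j:k]) > 255 or (n < 3 and s[k:k + 1] != "."):
            return None
        octets.append(s[j:k])
        j = k + 1 if n < 3 else k
    if s[j:j + 1] == "." and s[j + 1:j + 2].isdigit():  # "1.2.3.4.5" is not an address
        return None
    return [("ipv4s", ".".join(octets))], j

def parse_domain(s, i):
    labels, j = [], i
    while True:
        k = j
        while k < len(s) and s[k] in LABEL:
            k += 1
        if k == j or s[j] == "-" or s[k - 1] == "-":  # empty label or edge hyphen
            return None
        labels.append(s[j:k])
        if not (s[k:k + 1] == "." and s[k + 1:k + 2] in ALNUM):  # no further label
            break
        j = k + 1
    if len(labels) < 2 or len(labels[-1]) < 2 or not labels[-1].isalpha():
        return None
    return [("domains", ".".join(labels))], k

def parse_hash(s, i):
    j = i
    while j < len(s) and s[j] in HEX:
        j += 1
    if s[j:j + 1] in LABEL:  # the hex run is only part of a longer token
        return None
    kind = {32: "md5s", 40: "sha1s", 64: "sha256s"}.get(j - i)
    return ([(kind, s[i:j].lower())], j) if kind else None

def parse_url(s, i):
    for scheme in ("https://", "http://", "ftp://"):
        if not s.startswith(scheme, i):
            continue
        host = parse_ipv4(s, i + len(scheme)) or parse_domain(s, i + len(scheme))
        if host is None:
            return None
        j = k = host[1]
        while k < len(s) and s[k] in PATH:
            k += 1
        while k > j and s[k - 1] in TRAIL:
            k -= 1
        return [("urls", s[i:k])] + host[0], k  # the host is an indicator in its own right
    return None

def find_iocs(text):
    """Refang, then scan left to right trying every production at each token start."""
    s = refang(text)
    found = {k: [] for k in ("urls", "ipv4s", "domains", "md5s", "sha1s", "sha256s")}
    i = 0
    while i < len(s):
        r = None
        if not (i and (s[i - 1] in LABEL or s[i - 1] == ".")):  # skip mid-token positions
            r = parse_url(s, i) or parse_ipv4(s, i) or parse_hash(s, i) or parse_domain(s, i)
        if r is None:
            i += 1
            continue
        for kind, value in r[0]:
            found[kind].append(value)
        i = r[1]
    return {k: list(dict.fromkeys(v)) for k, v in found.items()}  # dedupe, keep order

SAMPLE = (  # constructed report text, not taken from any real incident
    "Constructed report: the dropper beacons to hxxp://update[.]evil-cdn[.]com/gate.php "
    "and to 203(.)0(.)113(.)45 over port 443. Payload MD5 0123456789abcdef0123456789abcdef, "
    "SHA-256 " + "deadbeef" * 8 + ". It was mailed from ops@evil-cdn[.]com; "
    "see https://example.org/report."
)
```

Running `find_iocs(SAMPLE)` yields the two URLs (refanged), the IPv4 address, the three domains (including the hosts of both URLs), one MD5 and one SHA-256, while `port 443.`, `e.g.` and version numbers like `1.2` are rejected by the productions rather than by post-filtering. Because every rule is an ordinary function, tightening one (for instance checking a domain's last label against a TLD list, which this toy parser does not do, so `README.md` would be reported as a domain) is a local change instead of a regex rewrite; that maintainability is the point the description makes.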
Alternatives and similar repositories for ioc-finder:
Users that are interested in ioc-finder are comparing it to the libraries listed below
- A Python app to predict ATT&CK tactics and techniques from cyber threat reports ☆118 · Updated last year
- Definition, description and relationship types of MISP objects ☆93 · Updated 2 weeks ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. ☆347 · Updated 3 years ago
- A (nearly) production-ready Dockered MISP ☆230 · Updated last year
- OASIS TC Open Repository: TAXII 2 Server Library Written in Python ☆124 · Updated 9 months ago
- OASIS TC Open Repository: Lightweight visualization for STIX 2.0 objects and relationships ☆145 · Updated last month
- Sigma rules from Joe Security ☆202 · Updated 2 months ago
- Tool to extract indicators of compromise from security reports in PDF format ☆72 · Updated 7 months ago
- OASIS TC Open Repository: TAXII 2 Client Library Written in Python ☆113 · Updated 9 months ago
- Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT) ☆97 · Updated this week
- OASIS TC Open Repository: Non-normative schemas and examples for STIX 2 ☆119 · Updated 2 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables ☆146 · Updated last year
- Sigma Detection Rule Repository ☆84 · Updated 4 years ago
- OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices ☆51 · Updated last month
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets ☆133 · Updated 4 years ago
- Tools to interact with APTnotes reporting/index. ☆99 · Updated 4 years ago
- Import specific data sources into the Sigma generic and open signature format. ☆77 · Updated 2 years ago
- The FASTEST way to consume threat intel. ☆65 · Updated last year
- ☆170 · Updated 6 months ago
- OSSEM Detection Model ☆174 · Updated 2 years ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats ☆53 · Updated last week
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. ☆190 · Updated this week
- Modules for expansion services, enrichment, import and export in MISP and other tools. ☆351 · Updated 3 weeks ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi… ☆89 · Updated this week
- YARA rule metadata specification and validation utility / Specification and validation for YARA rules ☆100 · Updated 4 months ago
- Taxonomies used in the MISP taxonomy system, which can also be used by other information-sharing tools. ☆266 · Updated last week
- Defanged Indicator of Compromise (IOC) Extractor. ☆515 · Updated 4 months ago
- Swagger/OpenAPI specifications for security products and services ☆75 · Updated this week
- Graphics, icons, and diagrams to support STIX 2 ☆44 · Updated 3 years ago
- A tool to extract structured cyber information from incident reports. ☆79 · Updated 6 years ago