Alternatives and similar repositories for iocs:

Users that are interested in iocs are comparing it to the libraries listed below

• invoke-eric / jupyter
  Jupyter Notebooks for Cyber Threat Intelligence
  ☆35Updated last year
• g-les / 100DaysofYARA
  100 Days of YARA to be updated with rules & ideas as the year progresses
  ☆60Updated 2 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆44Updated 4 years ago
• BushidoUK / Exploring-APT-campaigns
  Further investigation in to APT campaigns disclosed by private security firms and security agencies
  ☆86Updated 2 years ago
• hpthreatresearch / tools
  Scripts and tools accompanying HP Threat Research blog posts and reports.
  ☆50Updated last year
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆73Updated 5 months ago
• CIRCL / factual-rules-generator
  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
  ☆76Updated 3 years ago
• pr0xylife / Emotet
  IOC Collection 2022
  ☆57Updated 2 years ago
• dfir-ronin / APT-OpenIOC-Detection-Rules
  This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…
  ☆24Updated last year
• jstrosch / subparse
  Modular malware analysis artifact collection and correlation framework
  ☆53Updated last year
• Cluster25 / detection
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆13Updated last year
• JPCERTCC / jpcert-yara
  JPCERT/CC public YARA rules repository
  ☆106Updated 4 months ago
• The-DFIR-Report / Yara-Rules
  ☆68Updated 2 months ago
• pr0xylife / IcedID
  ☆33Updated last year
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆60Updated last month
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆15Updated 2 years ago
• SecurityRiskAdvisors / dredd
  Automated detection rule analysis utility
  ☆29Updated 2 years ago
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆37Updated 6 months ago
• stvemillertime / RonnieColemanYARAParser
  An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
  ☆21Updated 2 years ago
• CrowdStrike / xwf-yara-scanner
  ☆87Updated last year
• The-DFIR-Report / cyberchef-recipes
  ☆19Updated 3 years ago
• lemmou / RansomNoteFiles
  ☆23Updated last year
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆77Updated last year
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆63Updated 2 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆69Updated 3 months ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• mgreen27 / mcp-velociraptor
  VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.
  ☆23Updated this week
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated last year
• CybercentreCanada / CCCS-Yara
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆104Updated last month
• mandiant / goauditparser
  ☆44Updated last year