Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
☆30 · Mar 31, 2026 · Updated last month
Alternatives and similar repositories for IOCs
Users that are interested in IOCs are comparing it to the libraries listed below.
- NTFS Security Descriptor Stream ($Secure:$SDS) parser · ☆14 · Jan 9, 2023 · Updated 3 years ago
- MAES: M365 Analyzer & Extractor Suite Po · ☆36 · Apr 16, 2026 · Updated 2 weeks ago
- Assess certain AWS network configurations · ☆12 · Aug 22, 2018 · Updated 7 years ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform. · ☆23 · Updated this week
- A collection of methods to learn who the owner of an IP address is. · ☆233 · Sep 29, 2025 · Updated 7 months ago
- lnk_parser is a full Rust implementation to parse Windows LNK files · ☆23 · Feb 17, 2026 · Updated 2 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's · ☆65 · Dec 18, 2024 · Updated last year
- A recon tool for GCP Service Account Keys that requires no permissions · ☆27 · Apr 14, 2025 · Updated last year
- Yet another fseventsd parser for macOS forensics · ☆12 · Jul 20, 2024 · Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office · ☆37 · Mar 15, 2023 · Updated 3 years ago
- Slides from various conferences and talks I've given · ☆14 · Oct 12, 2025 · Updated 6 months ago
- Repository with supporting materials for Invictus Academy/Training · ☆44 · Jan 3, 2025 · Updated last year
- Indicators of Normality · ☆11 · Jul 22, 2022 · Updated 3 years ago
- Simulation of Akira Ransomware with Invoke-AtomicTest · ☆18 · Jul 10, 2024 · Updated last year
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. · ☆20 · May 9, 2025 · Updated 11 months ago
- A pure PowerShell/.NET DFIR capability that dumps the Windows SRUM (System Resource Usage Monitor) database to CSVs for analysis. · ☆14 · Oct 21, 2021 · Updated 4 years ago
- ☆35 · Updated this week
- Automatic/Custom Destinations & LNK (MS-SHLLINK) Browser · ☆47 · Apr 4, 2026 · Updated last month
- ☆40 · Nov 29, 2024 · Updated last year
- PowerShell PE Parser · ☆63 · Jun 28, 2024 · Updated last year
- A catalog of services that can be publicly exposed within different cloud providers. · ☆14 · Aug 30, 2024 · Updated last year
- A tool for fetching DFIR and other GitHub tools. · ☆27 · Aug 2, 2025 · Updated 9 months ago
- Hands-on MCP security lab: 10 real incidents reproduced with vulnerable/secure MCP servers, pytest regressions, and Claude/Cursor battle-… · ☆88 · Dec 3, 2025 · Updated 5 months ago
- Quick ESXi Log Parser · ☆31 · Oct 20, 2025 · Updated 6 months ago
- Cleo Unrestricted file upload and download PoC (CVE-2024-50623) · ☆25 · Dec 11, 2024 · Updated last year
- DFIR Timeline Analysis for macOS — SQLite-backed viewer for CSV, TSV, XLSX, EVTX, Plaso, $MFT, and $J files with built-in process inspect… · ☆240 · Updated this week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (ext4, XFS) journals (not systemd-journald logs), gene… · ☆108 · Apr 8, 2026 · Updated 3 weeks ago
- Putting a leash on naughty AWS permissions · ☆135 · Sep 5, 2025 · Updated 8 months ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP. · ☆18 · Jun 16, 2025 · Updated 10 months ago
- Windows file metadata / forensic tool. · ☆20 · Oct 12, 2025 · Updated 6 months ago
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known… · ☆266 · Nov 21, 2025 · Updated 5 months ago
- ☆109 · Dec 9, 2025 · Updated 4 months ago
- A library to parse macOS FsEvents · ☆25 · Aug 28, 2022 · Updated 3 years ago
- ☆30 · Jan 13, 2026 · Updated 3 months ago
- A public repository of MITRE ATT&CK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs. · ☆27 · Mar 20, 2025 · Updated last year
- CVE-2024-30056 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability · ☆17 · May 27, 2024 · Updated last year
- Releases for the Zui Insiders app. · ☆23 · Feb 17, 2025 · Updated last year
- Repository that will progressively hold tiny projects and code snippets. · ☆25 · Jun 13, 2025 · Updated 10 months ago
- Deep Dork Web is a browser-based tool designed to automate Google Dork searches for ethical security research. It supports advanced queri… · ☆20 · Mar 13, 2025 · Updated last year