An npm package for extracting common IoCs (Indicators of Compromise) from a block of text
☆59 · Oct 5, 2025 · Updated 5 months ago
Alternatives and similar repositories for ioc-extractor
Users that are interested in ioc-extractor are comparing it to the libraries listed below
- An extendable tool to extract and aggregate IoCs from threat feeds ☆33 · Feb 6, 2024 · Updated 2 years ago
- A dataset of phishing kits in the wild ☆15 · Jun 1, 2024 · Updated last year
- ☆23 · Mar 17, 2024 · Updated last year
- ☆22 · Dec 22, 2020 · Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- Plugins for the Viper Framework ☆14 · Sep 21, 2019 · Updated 6 years ago
- An npm package to defang and refang IoC ☆12 · Sep 7, 2025 · Updated 5 months ago
- Yara rules ☆22 · Mar 27, 2023 · Updated 2 years ago
- Information Stealers Wall of Sheep (IS-WOS) ☆11 · Nov 13, 2020 · Updated 5 years ago
- Yet another way to find where to report an abuse ☆31 · Jan 25, 2025 · Updated last year
- pyJARM is a library for doing JARM fingerprinting using python ☆50 · Mar 23, 2025 · Updated 11 months ago
- ☆21 · Jul 27, 2020 · Updated 5 years ago
- Python tool and library to help analyze files during malware triage and analysis. ☆78 · Jul 2, 2020 · Updated 5 years ago
- Defanged Indicator of Compromise (IOC) Extractor. ☆569 · Aug 28, 2024 · Updated last year
- URL fingerprinting made easy ☆89 · Apr 13, 2024 · Updated last year
- Capa analysis importer for Ghidra. ☆64 · Dec 2, 2020 · Updated 5 years ago
- Rust Windows EDR (user-mode, no driver): ETW → Sysmon-style normalization → Sigma/Yara/IOC detection → ECS NDJSON alerts. ☆64 · Feb 15, 2026 · Updated 2 weeks ago
- ☆537 · Feb 26, 2026 · Updated last week
- A curated list of awesome YARA rules, tools, and people. ☆33 · Oct 26, 2023 · Updated 2 years ago
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory! ☆21 · Aug 23, 2024 · Updated last year
- A phishing kit collector for scavengers ☆220 · Jan 22, 2026 · Updated last month
- Warning lists to inform users of MISP about potential false-positives or other information in indicators ☆606 · Feb 10, 2026 · Updated 3 weeks ago
- BlackBerry Threat Research & Intelligence ☆100 · Oct 20, 2023 · Updated 2 years ago
- Gather Open-Source Intelligence using PowerShell. ☆178 · Oct 20, 2019 · Updated 6 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis ☆43 · Sep 18, 2018 · Updated 7 years ago
- Misc Threat Hunting Resources ☆377 · Jan 26, 2023 · Updated 3 years ago
- This directory contains random scripts from threat hunting or malware research ☆11 · Feb 15, 2018 · Updated 8 years ago
- ☆14 · Feb 8, 2020 · Updated 6 years ago
- This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team. ☆12 · Mar 27, 2019 · Updated 6 years ago
- Domain, IPv4 & v6 address & network information gathering, web server analysis, DNS- & BGP- related information ☆12 · Nov 29, 2023 · Updated 2 years ago
- ☆13 · Jul 14, 2020 · Updated 5 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc. ☆10 · Sep 17, 2019 · Updated 6 years ago
- A CLI tool for querying passive DNS services ☆42 · Dec 15, 2023 · Updated 2 years ago
- Queries for Carbon Black Response ☆11 · Feb 11, 2020 · Updated 6 years ago
- Repository of Yara rules dedicated to Phishing Kits Zip files ☆238 · Feb 9, 2026 · Updated 3 weeks ago
- Leverage AMSI (Antimalware Scan Interface) technology to aid your analysis. This tool saves all buffers (scripts, .NET assemblies, etc) … ☆111 · Apr 20, 2021 · Updated 4 years ago
- Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports. ☆29 · Apr 10, 2024 · Updated last year
- Scripts, Yara rules and other files developed during malware investigations ☆27 · Aug 19, 2022 · Updated 3 years ago
- pocket guide for core threat hunting concepts ☆23 · May 6, 2020 · Updated 5 years ago