Threat intelligence and threat detection indicators (IOC, IOA)
☆52, Nov 27, 2020, updated 5 years ago
Alternatives and similar repositories for detections
Users interested in detections are comparing it to the repositories listed below.
- RisingSun: Decoding SUNBURST C2 to identify infected hosts without network telemetry. (☆10, Jan 14, 2021, updated 5 years ago)
- Collection of malware IOC hashes from blog posts. A Python script is provided to search through it. (☆19, Sep 10, 2020, updated 5 years ago)
- Web application for domain name monitoring and alerting (☆64, Aug 1, 2024, updated last year)
- Synapse Rapid Power-up for SinkDB (☆11, Jun 24, 2025, updated 8 months ago)
- Threat Detection Rules (Snort/Sigma/YARA) (☆14, Jan 23, 2024, updated 2 years ago)
- THOR Thunderstorm Collectors (☆25, updated this week)
- Random hunting-oriented YARA rules (☆96, Mar 27, 2023, updated 2 years ago)
- CIRCL system forensic tools, or a jumble of tools to support forensics (☆41, Jan 20, 2023, updated 3 years ago)
- Automatically create YARA rules from malicious documents. (☆211, May 16, 2022, updated 3 years ago)
- Cyber Threats Detection Rules (☆14, Sep 16, 2025, updated 5 months ago)
- Validates YARA rules and tries to repair the broken ones. (☆41, Sep 5, 2020, updated 5 years ago)
- Threat detection rule set (☆15, Jul 5, 2019, updated 6 years ago)
- Library of threat hunts to get any user started! (☆49, Sep 4, 2020, updated 5 years ago)
- Forensic Artifact Collection Tool Matrix (☆95, Nov 9, 2024, updated last year)
- Collection of useful, up-to-date Carbon Black Response queries (☆84, Oct 23, 2020, updated 5 years ago)
- Blue team operational triage registry hunting/forensic tool. (☆149, Sep 2, 2025, updated 5 months ago)
- VTC - Velociraptor Timeline Creator (☆19, May 15, 2024, updated last year)
- Winterfell is a group of Windows batch scripts to collect Windows forensics data and perform efficient, and fast incident response and th… (☆52, Jul 23, 2020, updated 5 years ago)
- gundog - guided hunting in Microsoft Defender (☆52, Apr 29, 2021, updated 4 years ago)
- Repository of YARA rules made by the Trellix ATR Team (☆625, Mar 18, 2025, updated 11 months ago)
- Paper and links to Crimeware in the Modern Era (☆31, Sep 5, 2019, updated 6 years ago)
- Detection Ideas & Rules repository. (☆178, Sep 10, 2021, updated 4 years ago)
- Repository with selected IOCs and YARA rules for threat hunting. (☆35, May 21, 2025, updated 9 months ago)
- My personal experience in threat hunting and knowledge gained so far. (☆19, May 27, 2017, updated 8 years ago)
- Repository for scripts and tips for "Yara Scan Service" (☆20, Feb 19, 2023, updated 3 years ago)
- Scripts and code referenced in CrowdStrike blog posts (☆337, Nov 13, 2019, updated 6 years ago)
- A PHP script to run on your server to grab cookies through XSS (☆23, Mar 25, 2019, updated 6 years ago)
- Repository of tools, YARA rules, and code snippets from Stairwell's research team. (☆23, Jan 31, 2024, updated 2 years ago)
- Quick ESXi Log Parser (☆29, Oct 20, 2025, updated 4 months ago)
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… (☆154, Apr 25, 2022, updated 3 years ago)
- Cyber Underground General Intelligence Requirements (☆98, Feb 2, 2024, updated 2 years ago)
- Tools related to working with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow) (☆44, Jun 6, 2022, updated 3 years ago)
- Signature engine for all your logs (☆172, Nov 13, 2023, updated 2 years ago)