team-cymru / iocs
We publish indicators of compromise related to our stories here. See https://blog.team-cymru.com/ for more information.
☆9 Updated 3 years ago
Related projects
Alternatives and complementary repositories for iocs
- Automate the regular transfer of AIS data into a MISP Server ☆6 Updated 5 months ago
- nmap/ndiff based scanner with template based notification system in case of infrastructure changes ☆18 Updated 6 years ago
- A tool to generate log messages related to interfaces, neighbor cache (ARP,NDP), IP address, routing, FIB rules, traffic control. ☆31 Updated last month
- Setting up a training environment for MISP ☆11 Updated last year
- Yara rules for malicious javascript files from public repositories or written by me. ☆12 Updated 2 years ago
- Generate bulk YARA rules from YAML input ☆22 Updated 4 years ago
- Python library for image hashing and deduplication ☆11 Updated 8 years ago
- Chrome extension to extract data from websites surfed inside of chrome ☆18 Updated 9 years ago
- A mapping project between tags (annotations, labels) and domain names ☆11 Updated 6 months ago
- Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs. ☆8 Updated 5 years ago
- Conceptual Methods for Finding Commonalities in Macho Files ☆12 Updated 7 months ago
- The Multiplatform Linux Sandbox ☆15 Updated 10 months ago
- CyCAT.org taxonomies ☆14 Updated 3 years ago
- Download a Bunch of Malware for Demos and Testing ☆13 Updated 6 years ago
- An active domain name query tool to help keep track of domain name movements... ☆15 Updated 3 years ago
- Automatic generator of YARA modules based in protocol buffers ☆14 Updated last month
- #️⃣ 🕸️ 👤 HTTP Headers Hashing ☆14 Updated last year
- Repository to provide files related to our blog articles. ☆15 Updated 8 months ago
- Generate MAEC XML from Ero Carrera's pefile output ☆15 Updated 7 years ago
- A Zeek package that detects Zoom logins and meeting joins ☆11 Updated 4 years ago
- crappy set of one-off scripts and tools used for reversing and vulnerability research. ☆11 Updated 2 years ago
- Extract, defang, resolve names and IPs from text ☆23 Updated 10 months ago
- CertWatcher is a new take on monitoring for phishing sites. It is meant to be a set and forget service that will send you a daily report … ☆11 Updated 4 years ago
- A privacy-aware exchange module to securely and privately share your indicators ☆13 Updated 7 years ago
- introduction to distributed scanning using vultr ☆11 Updated 7 years ago
- Minimal Indicator Storage System ☆11 Updated 3 years ago
- Yara filetype plugin for Vim. ☆14 Updated 3 years ago