Tool to extract indicators of compromise from security reports in PDF format
☆35Mar 5, 2016Updated 9 years ago
Alternatives and similar repositories for ioc_parser
Users that are interested in ioc_parser are comparing it to the libraries listed below
Sorting:
- Various public documents, whitepapers and articles about APT campaigns☆55Apr 1, 2016Updated 9 years ago
- Python API for URL Query☆36May 22, 2016Updated 9 years ago
- Useful scripts, rules etc. for use with YARA☆27Feb 12, 2021Updated 5 years ago
- ☆19Sep 2, 2018Updated 7 years ago
- Just another tool to extract Indicator of compromise (ioc) from files☆29Oct 1, 2015Updated 10 years ago
- DPS' Lightweight Investigation Notebook☆433Dec 31, 2023Updated 2 years ago
- Custom rules for yara-integrated scans☆16Jun 5, 2013Updated 12 years ago
- Yara rules☆10Dec 10, 2019Updated 6 years ago
- Passive DNS server interface compliant to "Common Output Format"☆10Sep 19, 2016Updated 9 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆439Feb 24, 2023Updated 3 years ago
- Indicator Extractor☆141Jul 14, 2018Updated 7 years ago
- Home to the ActorTrackr source code☆24Jun 21, 2017Updated 8 years ago
- Tools for VirusTotal☆37Nov 29, 2012Updated 13 years ago
- Ponmocup Indicators of Compromise☆11Feb 4, 2016Updated 10 years ago
- A research done by Yaara Shriki and Roman Zaikin on Google maps April Fool Prank.☆15Oct 21, 2019Updated 6 years ago
- Tool to check DKIM-Signature of many emails and report results in a spreadsheet☆13Oct 21, 2016Updated 9 years ago
- Turn a supported list of filetypes (e.g. .docx) into a markdown structured text file. Also optionally defangs indicators and extract text…☆12Feb 5, 2026Updated 3 weeks ago
- Maltego Transform to put entities into MISP events☆28Jul 24, 2021Updated 4 years ago
- CRL Monitor - X.509 Certificate Revocation List monitoring and X.509/Subject caching☆35Apr 16, 2021Updated 4 years ago
- A set of templates for documenting threat intelligence☆75Feb 28, 2013Updated 13 years ago
- Bro Snippets☆21Nov 7, 2014Updated 11 years ago
- Parse a report and import the events into MISP☆30Oct 19, 2015Updated 10 years ago
- A 'Universal WHOIS' proxy server - you query it, it gives back the correct details☆42Nov 29, 2025Updated 3 months ago
- ☆14May 30, 2018Updated 7 years ago
- Generate MAEC XML from Ero Carrera's pefile output☆15Mar 6, 2017Updated 8 years ago
- SACTI - Securely aggregate CTI sightings and report them on MISP☆14Oct 24, 2022Updated 3 years ago
- Python libary to normalize Yara signatures☆19Oct 9, 2020Updated 5 years ago
- Sighting DB is designed to scale writing and reading a count of attributes, tracking when if was first and last seen☆17Apr 11, 2024Updated last year
- A collection of Yara rules I have created so far☆16Oct 26, 2020Updated 5 years ago
- Python script to pull various IOCs from PDFs☆15Dec 22, 2014Updated 11 years ago
- Automated IOC-Generation scripts and tools☆24Sep 14, 2016Updated 9 years ago
- (Unofficial) Python API for https://malwr.com/☆62Oct 13, 2016Updated 9 years ago
- threat language parser☆59Apr 20, 2015Updated 10 years ago
- Simple python wrapper for the Robtex API (see https://www.robtex.com/api/).☆13Apr 17, 2021Updated 4 years ago
- Create Suricata and Snort DNS signatures given a single domain or list of domains in a file.☆18Nov 13, 2017Updated 8 years ago
- Threat Feed Aggregation, Made Easy☆169Jul 13, 2020Updated 5 years ago
- Maltego Transforms to Query Traffic Records☆34Oct 13, 2015Updated 10 years ago
- Scripts for communication with Bunitu Trojan C&Cs☆19Oct 29, 2015Updated 10 years ago
- Yara rules☆49Jan 28, 2014Updated 12 years ago