iocs

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

Real-time HTTP Intrusion Detection

Cortex: a Powerful Observable Analysis and Active Response Engine

Awesome Security lists for SOC/CERT/CTI

Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.

Automatically created C2 Feeds

Repository of YARA rules made by Trellix ATR Team

Awesome list of keywords and artifacts for Threat Hunting sessions

Documentation of TheHive

The OSINT Omnibus (beta release)

Bringing you the best of the worst files on the Internet.

本项目致力于收集网上公开来源的威胁情报，主要关注信誉类威胁情报（如IP/域名等），以及事件类威胁情报。

👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

Extract indicators of compromise from text, including "escaped" ones.

Open Dataset of Cobalt Strike Beacon metadata (2018-2022)

Historical list of {Cobalt Strike,NanoHTTPD} servers

This repository contains Malicious Indicator of Compromise (IOC) blocklist for MISP, firewall which is vital for cybersecurity professionals to enhance threat detection and improve incident response capabilities.

LOKI2 - Simple IOC and YARA Scanner

Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)