ThePhish: an automated phishing email analysis tool

Extract and aggregate threat intelligence.

ReversingLabs YARA Rules

Automatically created C2 Feeds

Defanged Indicator of Compromise (IOC) Extractor.

A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat intelligence.

Extract indicators of compromise from text, including "escaped" ones.

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

Open Dataset of Cobalt Strike Beacon metadata (2018-2022)

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant yara rules and ids signatures to detect these indicators.

Cyber Threat Intelligence Data, Indicators, and Analysis

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

An npm package for extracting common IoC (Indicator of Compromise) from a block of text

Threat intelligence and threat detection indicators (IOC, IOA)

A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.

A commercial grade threat intelligence feed thats validated and updated every half hour.

A collection of Covid-19 related threat intelligence and resources.

An IOC collection for the Cellebrite UFED forensic toolkit.