This script allows for incident responders to scope specific indicators of compromise
Updated Oct 15, 2019 - PowerShell
Extract indicators of compromise from text, including "escaped" ones.
ADEO APT38 Lazarus Threat Analysis Report
A collection of Covid-19 related threat intelligence and resources.
Web app to calculate "indicators of compromise" confidence deprecation timelines (used with threat intel platforms such as ThreatConnect).
Collection of malware IOC hashes from blog posts. A Python script is provided to search through it.
Threat intelligence and threat detection indicators (IOC, IOA)
Manage Loki scans over a large network.
Minimal Indicator Storage System
An IOC collection for the Cellebrite UFED forensic toolkit.
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
⛏ macOS app to extract IoCs from PDFs, text files, HTML, URLs, and the pasteboard
Provides Amnesty International's "Pegasus" domain IOCs transformation to a TinyCheck source format
CVE-2021-3441 CVE Check is a Python script to search targets for indicators of compromise to CVE-2021-3441
🚨 Computational Forensics is an emerging research 🔎 domain. It deals with 🕵️‍♀️ solving forensic problems 🚔 using digital methods 👨‍💻. It uses computational science to study digital evidence.
EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Quickly generate common Indicators of Compromise (IOCs) from files with Python (now leveraging command line arguments and autocomplete to streamline its use).
Threat Intelligence & Indicators of Compromise repository.
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)