ThePhish: an automated phishing email analysis tool
Updated Nov 12, 2022 - Python
Extract and aggregate threat intelligence.
ReversingLabs YARA Rules
Defanged Indicator of Compromise (IOC) Extractor.
Automatically created C2 Feeds
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Cyber Threat Intelligence Data, Indicators, and Analysis
Extract indicators of compromise from text, including "escaped" ones.
An npm package for extracting common IoCs (Indicators of Compromise) from a block of text
Threat intelligence and threat detection indicators (IOC, IOA)
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space.
Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.
A collection of Covid-19 related threat intelligence and resources.
IOC matching for incident responders, threat hunters, detection engineers, and security engineers.
An IOC collection for the Cellebrite UFED forensic toolkit.
A collection of files with indicators supporting social media posts from Palo Alto Networks' Unit 42 team to disseminate timely threat intelligence.
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.