iocs

Star

Here are 73 public repositories matching this topic...

Language:All

Filter by language

All73 Python26 YARA7 JavaScript4 Shell4 Go3 PowerShell3 Jupyter Notebook2 Rust2 Scala2 Assembly1

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

TheHive-Project /TheHive

Star3.8k

TheHive: a Scalable, Open Source and Free Security Incident Response Platform

api open-source platform scala rest incident-response orchestration dfir analyzer free misp thehive security-incidents iocs digital-forensics investigations cortex agplv3 incident-management incident-response-tooling

UpdatedJul 25, 2025
Scala

teler-sh /teler

Star3.1k

Real-time HTTP Intrusion Detection

go golang log logs threat ids intrusion-detection threat-hunting iocs log-analyzer intrusion intrusion-detection-system threat-intelligence threat-analyzer analyze-logs threat-rules

UpdatedFeb 13, 2024
Go

TheHive-Project /Cortex

Star1.5k

Cortex: a Powerful Observable Analysis and Active Response Engine

python api open-source scala rest analysis engine incident-response observable dfir free-software analyzer free response thehive security-incidents iocs digital-forensics cortex cyber-threat-intelligence

UpdatedJul 16, 2025
Scala

mthcht /awesome-lists

Sponsor

Star1.2k

Awesome Security lists for SOC/CERT/CTI

security ioc detection incident-response dfir ransomware awesome-list threat-hunting siem iocs cti soc ir blueteam threat-intelligence rmm redteam hacktools detection-engineering blueteam-tools

UpdatedNov 6, 2025
YARA

curated-intel /Ukraine-Cyber-Operations

Star935

Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.

osint malware ukraine threat-hunting iocs cti yara threat-intelligence

UpdatedJun 26, 2023
YARA

drb-ra /C2IntelFeeds

Star652

Automatically created C2 Feeds

threat-hunting threatintel iocs empire cobalt-strike metasploit threat-intelligence indicators-of-compromise cobaltstrike poshc2

UpdatedNov 5, 2025
REXX

advanced-threat-research /Yara-Rules

Star616

Repository of YARA rules made by Trellix ATR Team

threat-hunting iocs yara threat-intelligence

UpdatedMar 18, 2025
YARA

mthcht /ThreatHunting-Keywords

Sponsor

Star610

Awesome list of keywords and artifacts for Threat Hunting sessions

splunk incident-response dfir awesome-list threat-hunting siem iocs offensive-security soc yara-rules elk-stack blueteam threat-intelligence redteam forensic hacktools endpoint-security threathunting offensive-scripts detection-engineering

UpdatedAug 4, 2025
PowerShell

TheHive-Project /TheHiveDocs

Star400

Documentation of TheHive

api open-source platform documentation rest incident-response dfir free-software analyzer free misp thehive security-incidents iocs digital-forensics analyst cortex administration-guide thehive-project

UpdatedSep 20, 2023

InQuest /omnibus

Star342

The OSINT Omnibus (beta release)

python security osint iocs security-automation threat-intelligence

UpdatedMay 20, 2024
Python

MalwareSamples /Malware-Feed

Star340

Bringing you the best of the worst files on the Internet.

malware malwareanalysis cybersecurity infosec viruses threat-hunting malware-analysis malware-research threatintel virus-scanning iocs cyber-security malware-samples virustotal threat-intelligence malware-sample malware-detection threat-intel advanced-persistent-threat advanced-persistent-threat-data

UpdatedApr 16, 2021
Shell

NewBee119 /Ti_Collector

Star311

本项目致力于收集网上公开来源的威胁情报，主要关注信誉类威胁情报（如IP/域名等），以及事件类威胁情报。

iocs threat-intelligence dns-sniffer threat-article-crawler threat-feeds

UpdatedOct 28, 2017
Python

cypherpunk-symposium /sec-pentesting-toolkit

Star210

👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.

linux cryptography rubber-ducky network reverse-engineering hacking forensics penetration-testing steganography infosec web-security pentesting ctf wargame post-exploitation vulnerabilities iocs botnets malwares gray-hacker-resources

UpdatedDec 3, 2024
C

fhightower /ioc-finder

Sponsor

Star172

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here:https://hightower.space/ioc-finder/

grammars observable ipv4 threat-hunting malware-analysis malware-research threat-sharing threatintel iocs hacktoberfest threat-intelligence grammar-parser indicators-of-compromise cidr-range network-data parse-urls ioc-finder cidr-ranges

UpdatedNov 16, 2023
Python

assafmo /xioc

Star162

Extract indicators of compromise from text, including "escaped" ones.

ioc text-mining data-mining command-line regex regexp extract extraction command-line-tool text-processing iocs defang indicators-of-compromise escaping

UpdatedApr 19, 2020
Go

fox-it /cobaltstrike-beacon-data

Star127

Open Dataset of Cobalt Strike Beacon metadata (2018-2022)

python json research jupyter jupyter-notebook pandas dataset beacon iocs threat-intelligence indicators-of-compromise cobaltstrike

UpdatedMar 28, 2022
Jupyter Notebook

fox-it /cobaltstrike-extraneous-space

Star121

Historical list of {Cobalt Strike,NanoHTTPD} servers

iocs nanohttpd cobaltstrike teamserver

UpdatedApr 30, 2019

rodanmaharjan /ThreatIntelligence

Star114

This repository contains Malicious Indicator of Compromise (IOC) blocklist for MISP, firewall which is vital for cybersecurity professionals to enhance threat detection and improve incident response capabilities.

blocklist malware phishing trojan cybersecurity threat-hunting misp threat-sharing threatintel cve iocs cti malicious-domains firewall-rules threat-intelligence c2