ioc

32 tools and resources

Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.

An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.

OpenIOC editor for building and manipulating threat intelligence data with support for various systems.

A program to extract IOCs from text files using regular expressions

stoQ

A super-simple, modern framework for organizing and automating cybersecurity tasks.

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

Jager

A tool for extracting IOCs from various input sources and converting them into JSON format.

Repository of scripts, signatures, and IOCs related to various malware analysis topics.

Forager

Forager is a threat intelligence tool that simplifies the retrieval, storage, and maintenance of threat data with a user-friendly interface and support for various data sources.

Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.

A tool to extract indicators of compromise from security reports in PDF format.

A curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) for threat detection and malware identification.

YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.

A simple IOC scanner bash script for Linux/Unix/OSX systems

Freely available network IOCs for monitoring and incident response

A daily collection of IOCs from various sources, including articles and tweets.

Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.

Hiryu

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.

Maltiverse automates Threat Intelligence for small and medium-sized SecOps teams, providing an effective and affordable service.

LOKI

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection.

Repository of Yara signatures for detecting targeted attacks on civil society organizations

A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.

A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.

Converts OpenIOC v1.0 XML files into STIX Indicators, generating STIX v1.2 and CybOX v2.1 content.

Public access to Indicators of Compromise (IoCs) and other data for readers of Security Scorecard's technical blog posts and reports.

Repository of IOCs provided under the Apache 2.0 license

An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.

Python package for fanging and defanging indicators of compromise in text.

TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.

Spyre

A simple, self-contained modular host-based IOC scanner for incident responders.

A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.