botvrij.eu
Freely available network IOCs Monitor your network and raise IDS alerts for suspicious network behavior. Incident Response Use the file hashes for conducting an in-depth incident response investigation. The botvrij.eu data IOCs Botvrij.eu provides different sets of open source IOCs that you can use in your security devices to detect possible malicious activity. The information contains network info (IPs), file hashes, file paths, domain names, URLs. Datasource All the data is gathered via open source information feeds (blog pages and PDF documents) and then consolidated into different datasets. To ensure the quality of the data all entries older than approx. 6 months are removed. MISP MISP is used as a back-end for storing the threat information. The information is added to MISP via ioc-parser, extracted from MISP with PyMISP and formatted with a set of custom Python scripts. This feed is also integrated as an OSINT feed within MISP. It is free! The data is free (obviously, the source of the data is also free). Use the data at your own risk. This project only makes the data easy accessible. It is up to you to decide where and how you want to use it. Content The datasets are available in two formats ioclist.<TYPE> ioclist.<TYPE>.md5 ioclist.<TYPE>.raw ioclist.<TYPE>.raw.md5 The content of both datasets is identical. The .raw contains the
FEATURES
ALTERNATIVES
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
Tools to export data from MISP MySQL database for post-incident analysis and correlation.
A tool for quick and effective Yara rule creation to isolate malware families and malicious objects.
Proof-of-concept implementation of TAXII services for developers and non-developers.
A tool to extract indicators of compromise from security reports in PDF format.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Aggregates security threats from online sources and outputs to various formats.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Kriptos
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
System Two Security
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
Aikido Security
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.