Jager is a tool for pulling useful IOCs (indicators of compromise) out of various input sources (PDFs for now, plain text really soon, webpages eventually) and putting them into an easy to manipulate JSON format. Short Comings: - Doesn't do OCR, so CrowdStrike's 'Images only' PDFs don't work well. - Text analysis feature is planned for OCR by hand. - Regex's need improvement for better performance. - Some manual work needed for group names or attribution. Use: To analyze a PDF: python jager.py -i foo.pdf -o bar.json To analyze a directory of PDFs: python jager.py -d ~/foo -o ~/bar Features for the Future: - New Analysis Modes - Webpages - Plain Text - New Indicator Types: URLs, File Paths, Registry Keys - More Useful Output
FEATURES
ALTERNATIVES
A StalkPhish Project YARA repository for Phishing Kits zip files.
RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.
VX-Underground is a vast online repository of malware samples, featuring various collections for cybersecurity professionals and researchers to analyze and combat cyber threats.
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
Real-time, container-based file scanning system for threat hunting and incident response.
Automatic YARA rule generator based on Koodous reports with limited false positives.
A threat intelligence platform that monitors, analyzes, and provides detailed information about threat actors targeting non-human identities across various industries.
A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.