IOC Finder
Parse IOCs from text
Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals, and run analytics. The results are presented in a Web layer to help defenders identify outliers and suspicious behavior on corporate environments. Oriana was built using Python, the Django Web Framework, the Postgres database, and Bootstrap. The Windows Event exporting script was written in PowerShell. For more information on how Oriana works, visit the Wiki at https://github.com/mvelazc0/Oriana/wiki. To see Oriana in action, check the demos at https://github.com/mvelazc0/Oriana/wiki/Demos. Oriana was initially presented at Derbycon VII (https://www.youtube.com/watch?v=hVTkkkM9XDg) and released at the SANS Threat Hunting Summit (https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1536265369.pdf). Quick Start Guide: Prerequisites: On Windows, download & install Python 2.7 from https://www.python.org/downloads/ and download & install Postgres from https://www.postgresql.org/download/windows/. On Linux, run 'sudo apt-get install postgresql postgresql-contrib'. Installation: 'git clone https://github.com/mvelazc0/Oriana.git' and 'pip install -r Oriana/requirements.txt'.
Parse IOCs from text
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.
OpenIOC editor for building and manipulating threat intelligence data with support for various systems.
FraudGuard is a service that provides real-time internet traffic analysis and IP tracking to help validate usage and prevent fraud.