DailyIOC
A daily collection of IOCs from various sources, including articles and tweets.
This container provides 200 Windows event samples related to specific attack and post-exploitation techniques, useful for testing detection scripts, training on DFIR and threat hunting, and designing detection use cases using Windows and Sysmon event logs. It includes a PowerShell script for parsing and replaying EVTX files with Winlogbeat.
Parse IOCs from text
Tool for managing Yara rules on VirusTotal
A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.
A robust Python implementation of TAXII Services with a friendly pythonic API.
A repository of freely usable Yara rules for detection systems, with automated error detection workflows.