Threat Intelligence & Indicators of Compromise repository.
Updated Mar 26, 2022 - YARA
An automated Cyber Threat Intelligence (CTI) apparatus, implemented via a suite of Free & Open-source Software (FOSS)
Manage Loki scans over a large network.
IOC validation with Python
IOC Generator for Microsoft Defender for Endpoints
An overview of the Pyramid of Pain, a pyramid model that represents a scaling level of impact to threat actor operations when an indicator is successfully responded to at its assigned level.
A basic IP address IOC checker for Windows using Netstat and Wordlists, written in Python3.
My ongoing journey with the Tines SOAR platform.
FortiEDR Threat Intelligence Database. ThreatFox Threat Intelligence Database Integration with FortiEDR
Rex-ing indicators out of unstructured text (like an e-mail)
Correlating Open Source Intelligence with Arrant Signals to devise unique identifiers
Relieving the manual task of checking the IP reputation
IOCs and notes related to malware
Storage for the IOCs I collect
A resource containing all the data of each ransomware gang
Our objective is to update the indicators-of-compromise based on published reports for Zero-Day Vulnerability and Ransomware groups
This script allows for incident responders to scope specific indicators of compromise
A comprehensive repository for malware analysis and threat intelligence, including Cobalt Strike Beacon configurations, YARA rules, IOCs, Suricata rules, and malware samples to support cybersecurity efforts.
Prowl is an API that allows you to send an IP and in return obtain the reputation of the IP as well as indicators of attacks and indicators of compromise associated with the address. Lupovis monitors the web in real time and identifies malicious IP addresses for you.
VSIOC is a real-time Visual Studio Code extension for extracting IOCs from the active open editor