ThePhish: an automated phishing email analysis tool
Updated Nov 12, 2022 - Python
Extract and aggregate threat intelligence.
Defanged Indicator of Compromise (IOC) Extractor.
Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/
This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.
Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space.
YAFRA is a semi-automated framework for analyzing and representing reports about IT Security incidents.
Collection of malware IOC hashes from blog posts. A Python script is provided to search through it.
EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
Minimal Indicator Storage System
IOC matching for incident responders, threat hunters, detection engineers, and security engineers.
🔍 Application for detecting command and control (C2) communication through network traffic analysis.
A forensic IOC crawler and parser.
This repository consolidates all unique IOCs ever released at rstthreats. Updated at least once a day.
📬 Process EML and MSG file types and extract various Indicators of Compromise.
🚨Computational Forensics is an emerging research🔎 domain. It deals with 🕵️♀️solving forensic problems🚔 using digital methods👨💻. It uses computational science to study digital evidence.
IOCs and notes related to malware
CVE-2021-3441 CVE Check is a Python script to search targets for indicators of compromise to CVE-2021-3441
Quickly generate common Indicators of Compromise (IOCs) from files with Python (now leveraging command line arguments and autocomplete to streamline its use).