Top 8 indicators-of-compromise Open-Source Projects

ThePhish

17 1,005 0.0 Python

ThePhish: an automated phishing email analysis tool

Project mention: How do you deal with phising emails at your company? | /r/cybersecurity | 2023-05-14

ThreatIngestor

1 778 7.6 Python

Extract and aggregate threat intelligence.
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
reversinglabs-yara-rules

3 688 5.6 YARA

ReversingLabs YARA Rules
iocextract

1 485 5.4 Python

Defanged Indicator of Compromise (IOC) Extractor.
C2IntelFeeds

1 430 9.9 REXX

Automatically created C2 Feeds
cobaltstrike-beacon-data

1 115 2.6 Jupyter Notebook

Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
Prowl-API

1 7 10.0 JavaScript

Prowl is an API that allows you to send IP and in return obtain the reputation of the IP as well as indicators of attacks and indicators of compromise associated with the address. Lupovis monitors the web in real time and identifies malicious IP addresses for you.

Project mention: An IP Reputation integration on NPM to stop the baddies | news.ycombinator.com | 2023-05-11

WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
no-direct-ip

1 1 0.0 JavaScript

Browser extension to block directly entered, external or public IP v4 and v6 addresses

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-05-14.