openbh-gui

Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence, research and analytics.

Indicators of compromise

Extract and aggregate threat intelligence.

Elastic Security Labs releases

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

This Space is for Sentinel Playbooks.

This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple types such as IP, URL, CVE and Hash.

Run a simulated Klipper 3D-Printer in a Docker container

IntelOwl: manage your Threat Intelligence at scale

Repository of YARA rules made by Trellix ATR Team

#1 Locally hosted web application that allows you to perform various operations on PDF files

Indicators of stalkerware apps

Loki - Simple IOC and YARA Scanner

Loki - Simple IOC and YARA Scanner

Splunk Security Content

Indicators from Unit 42 Public Reports

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

Threat Intel IoCs + bits and pieces of dark matter

Open Cyber Threat Intelligence Platform

Feed of phish-domains found by Validin Threat Intelligince Platform

Setup guide for Control D, a managed DNS service with superpowers.

"Pre-Owned" malware in ROM for AllWinner H616/H618 & RockChip RK3328 Android TV Boxes

This repositiory contains the hash and C2 of active threats encountered by Juniper Threat Labs

IOCs from Google's Threat Analysis Group (TAG)