awesome-iocs
github.com/sroberts/awesome-iocs ↗A collection of sources of indicators of compromise.
Use this list with your AI agent
Add the Context Awesome MCP server to Claude, Cursor, or any MCP client, then ask:
"Show me yara signatures resources from awesome-iocs"
Installation instructions →What's inside
IOCs
- 0pc0deFR/YaraRulesYara Signatures
Multiple rules for yara-project for detect compiler/packer/protector.
- 0x27/linux.miraiIndicators
Leaked Linux.Mirai Source Code for Research/IoC Development Purposes.
- advanced-threat-research/Yara-RulesYara Signatures
Repository of YARA rules made by McAfee ATR Team
- aptnotes/dataIndicators
APTnotes data.
- botherder/targetedthreatsIndicators
Collection of IOCs related to targeting of civil society.
- circl/osint-feedIndicators
Open Source Intelligence for MISP.
Tools
- InQuest/iocextractIOC Tools
Advanced Indicator of Compromise (IOC) extractor.
- InQuest/ThreatIngestorIOC Tools
Flexible framework for consuming threat intelligence.
- mandiant/ioc_writerIOC Tools
Provide a python library that allows for basic creation and editing of OpenIOC objects.
- mandiant/OpenIOC_1.1IOC Formats
This repository contains a revised schema, iocterms file, and other supporting documents which are the basis for a draft of a revised version of OpenIOC that we are calling OpenIOC 1.1.
- MISP Malware Information Sharing Platform & Threat Sharing formatIOC Formats
Specifications used in the MISP project including MISP core format.
- Mitre Cyber Observable eXpression (CybOX™)IOC Formats
This site contains archived CybOX documentation.
Showing a sample of 38 resources. View the full list on GitHub →