Security & Pentesting
sophoslabs/IoCs
Stars: 652, Forks: 120, Issues: 2, Language: YARA
Sophos-originated indicators of compromise (IoCs) extracted from published threat intelligence reports. Contains 148+ CSV files and YARA rules documenting malware families, ransomware campaigns, exploits against vulnerable software, and attack infrastructure. Provides malware hashes, C2 server addresses, and other threat artifacts that defensive security teams can use to detect and block known threats across networks. Essential resource for SOC analysts and threat hunters.
git clone https://github.com/sophoslabs/IoCs.git
Quick Start Example
bash
# Sophos IoCs - Usage
# Clone the repository
git clone https://github.com/sophoslabs/IoCs
# Browse by threat report
ls IoCs/
# ├── Ransomware/
# ├── Malware/
# ├── YARA_rules/
# └── CSV indicators
# Import IOCs into your SIEM/SOAR platform