IOC tools

Tools

FIR (fast incident response tool)

incident response, security monitoring

FIR is an incident response tool written in the Django framework. It provides a web interface to deal with the creation and management of security-related incidents.

rastrea2r (threat hunting for IOCs)

digital forensics, malware detection, threat discovery, threat hunting

Rastrea2r is a threat hunting utility for indicators of compromise (IOC). It is named after the Spanish word rastreador, which means hunter. This multi-platform open source tool helps incident responders and SOC analysts to triage suspected systems. The hunt for IOCs can be achieved in just a matter of a few minutes.

TheHive (security incident response platform)

digital forensics, incident response, intrusion detection

TheHive is scalable and a complete platform to deal with security incidents. It allows for collaboration between those responsible for dealing with such incidents and related events. It can even use the data of the MISP project, making it easier to start analyzing from there.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.