401trg Detections Versions

This repository contains all public indicators identified by 401trg during the course of our investigations. It also includes relevant YARA rules and IDS signatures to detect these indicators.

1.0.1

6 years ago

[1.0.1]

Added

  • Missing domains from Burning Umbrella Report (20180503_Burning_Umbrella_Area_1_indicators.csv), thanks for the catch, guys!

Removed

  • IOC files to no longer include quotes around CSV fields

1.0.0

6 years ago

Added

  • Changelog to track posts and changes to unified format
  • Unified format for machine-readable IOCs in all IOC files
  • Blacklist for cert and file type indicators
  • README description of detections repo
  • README description of unified IOC format
  • Previous posts added to Reports section of README that have no IOC, IDS, or other GitHub docs
  • Apache LICENSE descriptor
  • ingest.py to read in all IOC/IDS/Blacklist as a python list()
  • 20180503_Burning_Umbrella_Area_1_indicators.csv
  • 20180503_Burning_Umbrella_Area_2_indicators.csv
  • 20180503_Burning_Umbrella_Area_3_indicators.csv
  • 20180503_Burning_Umbrella_Area_5_indicators.csv
  • 20180503_Burning_Umbrella_Area_6_indicators.csv
  • 20180503_Burning_Umbrella_Area_7_indicators.csv
  • 20180503_Burning_Umbrella_Area_8_indicators.csv
  • 20180503_Burning_Umbrella.pdf

Changed

Removed

  • Defang Domains, IPs, and URLs in IOC files

0.6.0

6 years ago

New Posts

[0.6.0] - 2018-02-22

Added

[0.5.0] - 2017-12-20

Added

[0.4.0] - 2017-11-01

Added

[0.3.0] - 2017-10-26

Added

[0.2.0] - 2017-10-16

Added

[0.1.0] - 2017-10-10

Added