Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content
/ IOC Public

Our objective is to update the indicators-of-compromise based on published reports for Zero-Day Vulnerability and Ransomware groups

Notifications You must be signed in to change notification settings

IRB0T/IOC

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 

Repository files navigation

IOCs

Our objective is to provide the indicators-of-compromise based on published reports for Zero-Day Vulnerability and Ransomware groups. Additionally we have included How to detect different Exploits that Threat Actors commonly used in Post-Exploitation Phase

tactics
techniques
procedures
indicators of compromise (IOCs)



If We Want To Get Good At Detecting Anything We Need To Know Exactly What We Need To Collect || Detection Knowledge Base ||

S.No Detection Strategies Link
1 Zerologon https://github.com/IRB0T/IOC/tree/main/Detection%20Strategies/Zerologon
2 PsExec Execution https://github.com/IRB0T/IOC/tree/main/Detection%20Strategies/PsExec%20-%20Execution
3 WMI https://github.com/IRB0T/IOC/tree/main/Detection%20Strategies/WMI
4 ProxyShell https://github.com/IRB0T/IOC/tree/main/Detection%20Strategies/ProxyShell
5 PowerShell https://github.com/IRB0T/IOC/tree/main/Detection%20Strategies/PowerShell



Ransomware-IOCs

S.No Ransomware (IOCs) Link
1 8base https://github.com/IRB0T/IOC/tree/main/Ransomware/8Base
2 BlackCat https://github.com/IRB0T/IOC/tree/main/Ransomware/BlackCat
3 Play https://github.com/IRB0T/IOC/tree/main/Ransomware/Play
4 Royal https://github.com/IRB0T/IOC/tree/main/Ransomware/Royal



Vulnerabilities-IOCs

S.No Vulnerability CVE Link
1 MOVEit CVE-2023-34362 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/MOVEit%20Transfer
2 Barracuda ESG CVE-2023-2868 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/Barracuda%20ESG
3 FortiOS SSL-VPN vulnerability CVE-2022-42475 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/FortiOS%20SSL-VPN%20-%20CVE-2022-42475
4 VMware Aria Operations for Networks vulnerability CVE-2023-20887 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/VMware%20Aria%20Operations%20Networks%20-%20CVE-2023-20887
5 "Ultimate Member" WordPress plugin vulnerability CVE-2023-3460 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/Ultimate%20Member%20WordPress%20plugin%20-%20CVE-2023-3460
6 RCE in NetScaler (formerly Citrix) CVE-2023-3519 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/Citrix%20CVE-2023-3519
7 Microsoft Office Zero-day HTML Vulnerability CVE-2023-36884 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/Microsoft%20Office%20Zero-day%20HTML%20Vulnerability%20-%20CVE-2023-36884
8 Openfire Path traversal vulnerability CVE-2023-32315 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/Openfire%20CVE-2023-32315
9 JetBrains TeamCity authentication bypass vulnerability CVE-2023-42793 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/JetBrains_TeamCity%20-%20CVE-2023-42793
10 Cisco IOS XE Software Web UI Privilege Escalation Vulnerability CVE-2023-20198 https://github.com/IRB0T/IOC/tree/main/Zero-Day%20Vulnerability%20IOC/Cisco%20IOS%20XE%20-%20CVE-2023-20198

About

Our objective is to update the indicators-of-compromise based on published reports for Zero-Day Vulnerability and Ransomware groups

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published