Script to get popular, good reputation indicators
Could base this just on: https://github.com/InQuest/awesome-yara
https://github.com/advanced-threat-research/IOCs.git
https://github.com/botherder/targetedthreats.git
https://github.com/eset/malware-ioc.git
https://github.com/SpiderLabs/IOCs-IDPS
https://github.com/DoctorWebLtd/malware-iocs.git
https://github.com/blackorbird/APT_REPORT
https://github.com/fireeye/iocs.git
https://github.com/nccgroup/Cyber-Defence.git ()
https://github.com/Neo23x0/signature-base.git (specific YARA repo, https://github.com/Neo23x0/signature-base/tree/master/yara )
https://github.com/Yara-Rules/rules
https://github.com/rastrea2r/rastrea2r.git
https://github.com/epics-modules/iocStats.git
https://github.com/silascutler/MalPipe.git
Steps:
- collect popular repos for YARA rules
- create collection script (bash, python, ...)
- generate index files
- remove false positive files
- Do the same for Suricata rules
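
Added example (not part of the original notes) covering the "generate index files" and "remove false positive files" steps: it walks a directory of already-cloned repositories, records the rule names declared in each YARA file, and writes an include-style index that skips an exclusion list. The function name build_index, the exclude list and the sample rules are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

RULE_EXTS = {".yar", ".yara"}
# Simple heuristic: rule declarations with optional "private"/"global" modifiers.
RULE_RE = re.compile(r"^\s*(?:(?:private|global)\s+)*rule\s+(\w+)", re.M)

def build_index(root, index_name="index.yar", exclude=()):
    """Write an include-style index of YARA files under root.

    exclude: relative POSIX paths of files known to cause false positives
    (hypothetical hand-maintained list). Returns {relative_path: [rule names]}."""
    root = Path(root)
    skip = set(exclude)
    indexed = {}
    for path in sorted(root.rglob("*")):
        rel = path.relative_to(root).as_posix()
        if not path.is_file() or path.suffix.lower() not in RULE_EXTS:
            continue
        if rel in skip or path.name == index_name:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        names = RULE_RE.findall(text)
        if names:  # ignore files that declare no rules (e.g. include-only indexes)
            indexed[rel] = names
    lines = [f'include "./{rel}"' for rel in indexed]
    (root / index_name).write_text("\n".join(lines) + "\n", encoding="utf-8")
    return indexed

def demo():
    """Constructed sample tree standing in for already-cloned repositories."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        samples = {
            "repo_a/apt/sample_apt.yar": 'rule Sample_APT_Dropper { strings: $a = "x" condition: $a }\n',
            "repo_a/generic/noisy.yar": "rule Noisy_Generic { condition: filesize < 10MB }\n",
            "repo_b/yara/two.yara": "private rule Helper { condition: true }\nrule Uses_Helper { condition: Helper }\n",
            "repo_b/README.md": "rule of thumb: not a YARA file\n",
        }
        for rel, body in samples.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_text(body, encoding="utf-8")
        indexed = build_index(root, exclude={"repo_a/generic/noisy.yar"})
        return indexed, (root / "index.yar").read_text(encoding="utf-8")

if __name__ == "__main__":
    print(demo())
```

The returned mapping of file to rule names also makes it easy to spot duplicate rule names across repositories before the index is loaded.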