Sophos-originated indicators of compromise (IoCs) extracted from published threat intelligence reports. Contains 148+ CSV files and YARA rules documenting malware families, ransomware campaigns, exploits against vulnerable software, and attack infrastructure. Provides malware hashes, C2 server addresses, and other threat artifacts that defensive security teams can use to detect and block known threats across their networks. Essential resource for SOC analysts and threat hunters.
git clone https://github.com/sophoslabs/IoCs.git
# Sophos IoCs — Usage
# Clone the repository
git clone https://github.com/sophoslabs/IoCs
# Browse by threat report
ls IoCs/
# ├── Ransomware/
# ├── Malware/
# ├── YARA_rules/
# └── CSV indicators
# Import IoCs into your SIEM/SOAR platform