IOC Bucket is a global community of computer security professionals who have a vested interest in sharing Indicators of Compromise (IOC) discovered during their research. Our website bridges the trans-ocean gap between multinational corporations providing them with a wealth of incident response knowledge and experience. Through the contributions of industry standard OpenIOC's, IOC Bucket will be the largest repository of Open Source Indicators. On the website you can check indicators found on your network against our reputation database to determine the possibility of infection using one of the 500 fields supported by the OpenIOC format. Once found you may download the IOC to edit and search your network for further intrusions. Global security requires global partnerships.

Who Made This Site and Why

IOC Bucket was created by three security professionals (from Virginia) who perform penetration testing on a daily basis. We started testing IOCs with our own malware and soon came to realize how much more efficient using IOCs for detection was when compared to other methods. When we started searching for IOCs for different malware currently in the wild, we soon noticed how wide-spread the search became just to find one. For this reason we decided to make IOC Bucket and put it out there as a community site hopefully benefiting everyone as Exploit-DB did for exploits.

This site is not sponsored or owned by any government organization or agency.

Special Thanks

ForensicArtifacts has agreed to move the IOC portion of their site to IOC Bucket. A big thank you to all the authors and contributors of the IOCs that have been moved here.