
iocx-dev


The official developer ecosystem for IOC extraction, enrichment, and YARA generation.

Welcome to iocx‑dev, the home of the iocx and yarx toolchain — a modern, extensible ecosystem for extracting Indicators of Compromise (IOCs), enriching them, and generating high‑quality YARA rules.

This organisation hosts:

  • the iocx core engine
  • the yarx YARA generation framework
  • the official plugin ecosystem
  • templates, examples, and documentation
  • tooling and integrations built around the platform

All projects in this organisation are created and maintained by malx‑labs.

🚀 Projects in the ecosystem

iocx

The core IOC extraction engine. Fast, modular, and built for real‑world DFIR workflows.

yarx

A modern YARA rule generator designed to pair naturally with iocx.

Plugin ecosystem

  • Official plugin template
  • Registry key detectors
  • PowerShell detectors
  • Community‑driven extensions
  • Example plugins and test suites

Plugins allow iocx to grow into a flexible, domain‑specific extraction platform.

🧩 Why this ecosystem exists

Security teams need tools that are:

  • fast
  • scriptable
  • extensible
  • predictable
  • easy to integrate

The iocx‑dev ecosystem is built to support:

  • DFIR analysts
  • threat hunters
  • malware researchers
  • automation engineers
  • SOC tooling pipelines

Whether you’re extracting IOCs from logs, generating YARA rules from samples, or building custom detectors, this ecosystem gives you the foundation.

🛠️ Contributing

We welcome contributions across:

  • plugins
  • detectors
  • documentation
  • examples
  • integrations
  • bug reports and feature ideas

If you’re building something on top of iocx or yarx, we’d love to see it.

📚 Documentation

Full documentation will be available at:

https://iocx.dev

(Coming soon.)

🧪 Plugin development

Want to build your own detector or enrichment module? Start with the official plugin template:

iocx-dev/iocx-plugin-template

This template provides:

  • project structure
  • testing harness
  • metadata conventions
  • examples and best practices

🧭 Roadmap

  • v0.4.0: plugin system, new detectors, ecosystem launch
  • yarx integration
  • expanded plugin registry
  • documentation site at iocx.dev
  • community plugin submissions
  • CI‑verified plugin catalogue

🏢 Maintained by

malx‑labs - Creators of iocx, yarx, and the surrounding ecosystem.

Popular repositories

  1. iocx (Public)

    An extensible IOC extraction engine for PE binaries and text, built for SOC automation and modern threat‑analysis pipelines.

    Python 1 1

  2. iocx-registry-keys (Public)

    High‑performance iocx plugin for detecting Windows Registry keys, values, and persistence locations. Includes full test coverage, performance benchmarks, and security checks.

    Python 1

  3. .github (Public)

  4. iocx-plugin-template (Public)

    Python

  5. iocx-plugins (Public)

  6. yarx (Public)
