IoC Scanners – After Crypto

IoC (indicators of compromise) are essentially breadcrumbs that are left behind from an attempted or successful attack on a system.

SPARK Core – Free IOC and YARA Scanning – Nextron Systems (

Watch out for False Positives

Example is “r.exe” which matches a commonly used pattern with intrusions of a single character file name with an exe extension.However R.exe is also a legitimate application with MSSQL when the “R Analysis” role is installed.

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)