Indicators of compromise (in STIX v2 format) generated by the iMazing team.
The iMazing Spyware Analyzer automatically downloads the latest versions of indicators of compromise provided by Amnesty Tech's Security Lab, Citizen Lab, Google’s Threat Analysis Group, and other sources listed below. It also includes those available in this repository, generated by our team, when there are no public STIX files available for a specific spyware or malware, or when we believe our STIX files are better suited to how iMazing Spyware Analyzer works. Note that iMazing analyzes data by extracting it from iOS backups, rather than accessing it from the device file system via a jailbreak.
- https://github.com/AmnestyTech/investigations/tree/master/2021-07-18_nso
- https://github.com/mvt-project/mvt-indicators/tree/main/intellexa_predator
- https://github.com/mvt-project/mvt-indicators/tree/main/2022-06-23_rcs_lab
- https://github.com/AssoEchap/stalkerware-indicators
- https://github.com/mvt-project/mvt-indicators/tree/main/2023-06_01_operation_triangulation
You can find iMazing Spyware Analyzer's code in the following repository: