iocx-dev

The official developer ecosystem for IOC extraction, enrichment, and YARA generation.

Welcome to iocx‑dev, the home of the iocx and yarx toolchain — a modern, extensible ecosystem for extracting Indicators of Compromise (IOCs), enriching them, and generating high‑quality YARA rules.

This organisation hosts:

  • the iocx core engine
  • the yarx YARA generation framework
  • the official plugin ecosystem
  • templates, examples, and documentation
  • tooling and integrations built around the platform

All projects in this organisation are created and maintained by malx‑labs.

🚀 Projects in the ecosystem

iocx

The core IOC extraction engine. Fast, modular, and built for real‑world DFIR workflows.

yarx

A modern YARA rule generator designed to pair naturally with iocx.

Plugin ecosystem

  • Official plugin template
  • Registry key detectors
  • PowerShell detectors
  • Community‑driven extensions
  • Example plugins and test suites

Plugins allow iocx to grow into a flexible, domain‑specific extraction platform.

🧩 Why this ecosystem exists

Security teams need tools that are:

  • fast
  • scriptable
  • extensible
  • predictable
  • easy to integrate

The iocx‑dev ecosystem is built to support:

  • DFIR analysts
  • threat hunters
  • malware researchers
  • automation engineers
  • SOC tooling pipelines

Whether you’re extracting IOCs from logs, generating YARA rules from samples, or building custom detectors, this ecosystem gives you the foundation.

🛠️ Contributing

We welcome contributions across:

  • plugins
  • detectors
  • documentation
  • examples
  • integrations
  • bug reports and feature ideas

If you’re building something on top of iocx or yarx, we’d love to see it.

📚 Documentation

Full documentation will be available at:

https://iocx.dev

(Coming soon.)

🧪 Plugin development

Want to build your own detector or enrichment module? Start with the official plugin template:

iocx-dev/iocx-plugin-template

This template provides:

  • project structure
  • testing harness
  • metadata conventions
  • examples and best practices

🧭 Roadmap

  • v0.4.0: plugin system, new detectors, ecosystem launch
  • yarx integration
  • expanded plugin registry
  • documentation site at iocx.dev
  • community plugin submissions
  • CI‑verified plugin catalogue

🏢 Maintained by

malx‑labs - Creators of iocx, yarx, and the surrounding ecosystem.

Popular repositories

  1. iocx-registry-keys (Public)

    High‑performance iocx plugin for detecting Windows Registry keys, values, and persistence locations. Includes full test coverage, performance benchmarks, and security checks.

    Python 1

  2. .github (Public)

  3. iocx-plugin-template (Public)

  4. iocx-plugins (Public)

  5. yarx (Public)

  6. iocx-docs (Public)