Malware Bazaar

collecting-indicators-of-compromise skill for extracting, enriching, scoring, and exporting IOCs from incident evidence. Use it for Security Audit workflows, threat intel sharing, and STIX 2.1 output when you need a practical collecting-indicators-of-compromise guide instead of a generic incident-response prompt.

Analyzing-indicators-of-compromise helps triage IOCs such as IPs, domains, URLs, file hashes, and email artifacts. It supports threat-intelligence workflows for enrichment, confidence scoring, and block/monitor/whitelist decisions using source-backed checks and clear analyst context.