IOC Editor

Free editor for IOCs.

Mandiant’s IOC Editor is a free editor for Indicators of Compromise (IOCs). IOCs are XML documents that help incident responders capture diverse information about threats including attributes of malicious files, characteristics of registry changes, artifacts in memory, and so on. IOCe provides an interface into managing data within these IOCs including:

  • Manipulating the logical structures that define the IOC
  • Applying meta-information to IOCs including detailed descriptions or arbitrary labels
  • Converting IOCs into XPath filters
  • Managing lists of “Terms” that are used within IOCs


Software Alerts

Sign up to receive information on software updates!

Current Version: IOC Editor 2.2
Release Date: December 4, 2012

Supported Operating Systems: Windows XP, Windows Vista, Windows 7 (32-bit and 64-bit)

File Size: 2.12 MB

Integrity Hashes:

  MD5: 40075157B7A65BBA45122CED2FF33AAE
  SHA-1: AFF95F0FA83C7B07CBE4130BBEF92BD11A82B9A0

  MD5: 537A73357FC55565591C39F54EB20173
  SHA-1: 68A0323F16BC85EC0A77A208B740EC8B9ACE4F52