IOC Editor

FireEye’s Indicators of Compromise (IOC) Editor is a free tool that provides an interface for managing data and manipulating the logical structures of IOCs. IOCs are XML documents that help incident responders capture diverse information about threats, including attributes of malicious files, characteristics of registry changes and artifacts in memory. The IOC Editor includes:

  • Manipulation of the logical structures that define the IOC
  • Application of meta-information to IOCs, including detailed descriptions or arbitrary labels
  • Conversion of IOCs into XPath filters
  • Management of lists of “terms” used within IOCs

Software Alerts

Sign up to receive information on software updates!


IOC Editor

Release Notes

Current Version: IOC Editor 2.2
Release Date: December 4, 2012

  • Supported Operating Systems: Windows XP, Windows Vista, Windows 7 (32-bit and 64-bit)
  • File Size: 2.12 MB
  • Integrity Hashes:
    • ZIP
      • MD5: 40075157B7A65BBA45122CED2FF33AAE
      • SHA-1: AFF95F0FA83C7B07CBE4130BBEF92BD11A82B9A0
    • Extracted
      • MD5: 537A73357FC55565591C39F54EB20173
      • SHA-1: 68A0323F16BC85EC0A77A208B740EC8B9ACE4F52