Loading . . .

Uncoder CTI

Fast and easy generation of IOC queries tuned for maximum performance. Insert your IOCs, get queries on the fly, and drill down to hunt.

Copy and Paste IOCs or Drag and Drop CSV, JSON or TXT file with IOCs
Query Generation Settings
For unregistered users, the maximum number of generated queries is limited to 5. To generate more queries, sign up at the SOC Prime Platform.
Sign Up
Cross-Tool Cyber Threat Intelligence
Make IOC-based threat hunting easier and faster with Uncoder CTI. Generate custom IOC queries ready to run in 15+ SIEM & XDR tools, including Microsoft Sentinel, Chronicle Security, Elastic Stack, and Splunk. Just paste any text containing IOCs and get custom, performance-optimized queries in a matter of clicks.
Learn More
Free Public Access
CTI.Uncoder.IO offers 100% free access, with no registration required to start hunting immediately. To unleash the full power of Uncoder CTI with extended query generation capabilities, join the SOC Prime platform for collaborative cyber defense, threat hunting, and threat discovery.
Register for Free
Seamless IOC Matching
To streamline threat hunting experience and overcome data normalization limitations, Uncoder CTI allows remapping the default SIEM & XRD parameters to the specific data schema in use. Moreover, threat intelligence specialists and threat hunters can automatically add exceptions to cut down the number of false positives and typical CTI report errors, such as IP or private subnets.
Custom, Performance-Optimized Hunting Queries
With Uncoder CTI, security engineers can tailor IOC queries to their needs to match the environment, custom data schema in use, and add more fine-tuning for maximum performance. For more accurate results, a custom query can be generated based on a specific IOC or hash type, set to include an exact number of IOCs per query or exclude certain hashes, domains, IPs, or URLs.
Respect for Privacy
As a tool to serve the needs of the global cybersecurity community, Uncoder CTI was developed with respect to privacy in mind, storing no IOC data leveraged by users and sharing no data with third parties. Only security performers running each particular Uncoder CTI session have access to the corresponding IOC data.