A curated list of Ransomware resources
☆41May 11, 2026Updated 2 months ago
Alternatives and similar repositories for Awesome-Ransomware
Users that are interested in Awesome-Ransomware are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆60Dec 10, 2025Updated 7 months ago
- A schema-aware dataset and Claude AI skill for Microsoft Defender XDR Advanced Hunting.☆36May 6, 2026Updated 2 months ago
- Open-source unified security operations & threat intelligence platform for OT/ICS environments with ontology-driven dashboards☆42May 27, 2026Updated last month
- Windfall - Unauthenticated RCE exploit chain for Windmill & Nextcloud Flow (CVE-2026-29059). Path traversal + credential leak + PostgreSQ…☆17Apr 7, 2026Updated 3 months ago
- This operational dashboard correlates data from Microsoft Defender for Endpoint/Server (MDE) and Azure Monitor Agent (AMA) to identify co…☆17May 13, 2026Updated 2 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Smuggling C2 comms through links previews☆18Jun 17, 2026Updated 3 weeks ago
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated last year
- Cybersecurity lists of TLDs, domains and URLs for threat hunting and posture policy (warn or block)☆29Updated this week
- Draugnet is a lightweight, open-source tool for anonymous cyber threat reporting. Built for the MISP ecosystem, it lets users submit and …☆21Updated this week
- Active Directory forensic framework☆16May 18, 2026Updated last month
- Noradrenaline is a collection of high-performance post-exploitation shared libraries designed for native execution on macOS and Linux end…☆29Jul 6, 2026Updated last week
- ☆36May 5, 2026Updated 2 months ago
- A simple OAuth App designed to capture OAuth tokens when users authenticate through GitHub OAuth flow.☆25Apr 20, 2026Updated 2 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆121Oct 29, 2024Updated last year
- Positron: an Electron (v8 nodejs) DLL injection based JS injection engine☆47May 15, 2026Updated last month
- Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still ne…☆47Sep 18, 2025Updated 9 months ago
- Leaking kernel addresses from ETW consumers. Requires Administrator privileges.☆93Nov 6, 2025Updated 8 months ago
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated last year
- Free Windows privilege escalation lab inspired by HTB Devel, built for PNPT and OSCP practice.☆24Jan 13, 2026Updated 6 months ago
- Minimalistic HTTP(S) client for the NT kernel☆60Dec 1, 2025Updated 7 months ago
- Object file loader implemented as a post-ex DLL for asynchronous BOF execution.☆29Jun 15, 2026Updated 3 weeks ago
- Cobalt Strike BOF to obtain location data☆26Jul 4, 2026Updated last week
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.☆61May 4, 2026Updated 2 months ago
- Malleable Caddy Redirector☆17Apr 24, 2026Updated 2 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆305Jun 7, 2026Updated last month
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- A newly discovered vulnerable driver, pstrip64.sys (CVE-2026-29923) allows an unprivileged user to escalate privileges to SYSTEM via a cr…☆25Apr 11, 2026Updated 3 months ago
- Data related to the SANS Internet Storm Center☆13Sep 12, 2025Updated 10 months ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- System Call Integrity Layer - experimental security research☆28Apr 14, 2026Updated 3 months ago
- Awesome List of Enterprise Security Tools' Community Edition☆16Nov 10, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Automatically deploying Mythic C2 in Azure using Terraform☆20Jul 3, 2026Updated last week
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- My studies on Malware Development☆20Jul 6, 2026Updated last week
- A package to create HTML MISP reports, including volume of trending events and attributes, evens received from key organisations and targ…☆12Aug 14, 2025Updated 11 months ago
- OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"☆40May 22, 2024Updated 2 years ago
- ☆19Jan 8, 2026Updated 6 months ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆91Jun 28, 2026Updated 2 weeks ago