A collection of CVEs weaponized by ransomware operators
☆130Oct 13, 2025Updated 4 months ago
Alternatives and similar repositories for Ransomware-Vulnerability-Matrix
Users that are interested in Ransomware-Vulnerability-Matrix are comparing it to the libraries listed below
Sorting:
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated 11 months ago
- A resource containing all the tools each ransomware gangs uses☆1,330Dec 24, 2025Updated 2 months ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- Repo for experimenting and testing MCP server builds for CTI-related research.☆27May 13, 2025Updated 9 months ago
- A tool matrix for Russian APTs based on the Ransomware Tool Matrix☆230Aug 20, 2025Updated 6 months ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆117Oct 29, 2024Updated last year
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more☆30Nov 26, 2025Updated 3 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆42Oct 29, 2024Updated last year
- Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups …☆395Jan 29, 2026Updated last month
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆53Oct 23, 2024Updated last year
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆277Dec 20, 2025Updated 2 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆302Updated this week
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆282Mar 20, 2025Updated 11 months ago
- PowerShell tools to help defenders hunt smarter, hunt harder.☆473Oct 29, 2025Updated 4 months ago
- The Threat Actor Profile Guide for CTI Analysts☆116Jul 15, 2023Updated 2 years ago
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection☆257Jan 29, 2026Updated last month
- Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers☆771Feb 8, 2026Updated 3 weeks ago
- ☆292Aug 30, 2025Updated 6 months ago
- This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion.☆15Jun 6, 2022Updated 3 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.☆16Oct 22, 2025Updated 4 months ago
- Awesome Security lists for SOC/CERT/CTI☆1,263Updated this week
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆47Jan 22, 2025Updated last year
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆92Aug 3, 2025Updated 7 months ago
- This is a repository to experiment with MCP for security☆47Jan 22, 2025Updated last year
- Awesome list of keywords and artifacts for Threat Hunting sessions☆638Aug 4, 2025Updated 7 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆86Dec 17, 2025Updated 2 months ago
- Presentations from Conferences☆31Sep 14, 2024Updated last year
- An introduction to detection engineering☆14Jan 3, 2025Updated last year
- Extract the Procedures (TTP) from CTI reports☆17Dec 13, 2025Updated 2 months ago
- This project aims to compare and evaluate the telemetry of various EDR products.☆1,930Jan 20, 2026Updated last month
- Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)☆79Updated this week
- A collection of methods to learn who the owner of an IP address is.☆224Sep 29, 2025Updated 5 months ago
- ☆19May 27, 2024Updated last year
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Aug 16, 2024Updated last year
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Sep 21, 2024Updated last year
- Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.☆79Feb 4, 2026Updated last month