This is the repository for indicators of compromise (IOCs) and other data for threat intelligence articles posted on the Palo Alto Networks Unit 42 website.
☆115Nov 17, 2025Updated 3 months ago
Alternatives and similar repositories for Unit42-Threat-Intelligence-Article-Information
Users that are interested in Unit42-Threat-Intelligence-Article-Information are comparing it to the libraries listed below
Sorting:
- Indicators of compromise☆17Jan 29, 2026Updated last month
- A tool for fetching DFIR and other GitHub tools.☆25Aug 2, 2025Updated 7 months ago
- ☆58Dec 10, 2025Updated 2 months ago
- A Model Context Protocol (MCP) server that integrates Volatility 3 memory forensics framework with Claude☆31Jul 7, 2025Updated 8 months ago
- ☆22Jan 31, 2023Updated 3 years ago
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆22Jan 5, 2025Updated last year
- A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat in…☆456Updated this week
- ☆24Mar 12, 2025Updated 11 months ago
- A little tool to filter the stranger strings from a binary so you can analyze the good ones☆52Sep 11, 2025Updated 5 months ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, …☆17Oct 8, 2016Updated 9 years ago
- RedAudit is a next-generation Windows forensic and security assessment framework featuring a live cyber-operations GUI built for real inv…☆35Nov 15, 2025Updated 3 months ago
- ☆12Aug 16, 2024Updated last year
- ☆15Sep 17, 2022Updated 3 years ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja☆11Jul 24, 2024Updated last year
- ☆17May 22, 2024Updated last year
- Transform EQL detection rules to VQL artifacts☆12Nov 12, 2021Updated 4 years ago
- a repo for utilizing a base64 like encoding scheme + AES Encryption using Emojis☆13Mar 16, 2025Updated 11 months ago
- ShellSweeping the evil.☆53Jun 18, 2024Updated last year
- Search an entire directory of .eml email files for a word or phrase... in over 100 languages.☆12Feb 28, 2023Updated 3 years ago
- A few STUXNET samples and live traffic captures from July 2010 while many stuxnet implants were still operational.☆29Sep 17, 2024Updated last year
- Baseline a Windows System against LOLBAS☆72Feb 2, 2026Updated last month
- LILO based Pulse Secure appliance disk image decryptor☆13Mar 20, 2024Updated last year
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- ☆13Dec 29, 2022Updated 3 years ago
- System Call Integrity Layer - experimental security research☆25Jan 31, 2026Updated last month
- ☆16Sep 5, 2024Updated last year
- ☆33Dec 10, 2024Updated last year
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆77Sep 8, 2025Updated 6 months ago
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- 010 template for apfs☆26Feb 26, 2021Updated 5 years ago
- Analyse MSI files for vulnerabilities☆142Aug 30, 2024Updated last year
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆278Dec 20, 2025Updated 2 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…☆78Dec 15, 2025Updated 2 months ago
- Different tools for Microsoft Hyper-V researching☆64Feb 26, 2026Updated last week
- Python tool to find vulnerable AD object and generating csv report☆14Jul 4, 2022Updated 3 years ago
- Plugin for NOPing instructions in IDA☆21May 9, 2024Updated last year
- ☆55Feb 12, 2026Updated 3 weeks ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- Static-Code-Analysis-Helper helps you perform static code analysis.☆32Feb 20, 2026Updated 2 weeks ago