ThreatLabz/iocs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ThreatLabz/iocs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ThreatLabz/iocs)

Close

ThreatLabz / iocsView on GitHubMore

• External links
• Readme badge

This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

☆79Jan 26, 2026Updated 2 months ago

Alternatives and similar repositories for iocs

Users that are interested in iocs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• HarfangLab / iocs

  View on GitHub
  Indicators of compromise
  ☆17Jan 29, 2026Updated 2 months ago
• ThreatLabz / tools

  View on GitHub
  Tools developed by the Zscaler ThreatLabz Threat Intelligence team
  ☆98Mar 17, 2026Updated 3 weeks ago
• embee-research / Yara-detection-rules

  View on GitHub
  Yara Rules for Modern Malware
  ☆79Mar 3, 2024Updated 2 years ago
• Cisco-Talos / IOCs

  View on GitHub
  Indicators of Compromise
  ☆267Updated this week
• hpthreatresearch / iocs

  View on GitHub
  Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.
  ☆29Apr 10, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• hvs-consulting / ioc_signatures

  View on GitHub
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆35Updated this week
• reprise99 / 4688-sysmon

  View on GitHub
  ☆60Jun 24, 2023Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules

  View on GitHub
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆59Mar 2, 2025Updated last year
• elceef / yara-rulz

  View on GitHub
  Collection of generic YARA rules
  ☆16Mar 18, 2026Updated 3 weeks ago
• ThreatLabz / ransomware_notes

  View on GitHub
  An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz
  ☆411Apr 6, 2026Updated last week
• dr4k0nia / yara-rules

  View on GitHub
  A collection of my yara rules
  ☆34Jul 11, 2023Updated 2 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• Krypteria / Yaralyze

  View on GitHub
  Yaralyze is an malware detection tool for Android that relies on two types of static analysis, Yara rule analysis and hashes analysis.
  ☆21Nov 13, 2022Updated 3 years ago
• sophoslabs / IoCs

  View on GitHub
  Sophos-originated indicators-of-compromise from published reports
  ☆656Mar 31, 2026Updated 2 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• wightsci / MessageTableReader

  View on GitHub
  Read Windows message table entries.
  ☆11Feb 5, 2023Updated 3 years ago
• jischell-msft / RemoteManagementMonitoringTools

  View on GitHub
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆102Aug 15, 2025Updated 7 months ago
• pr0xylife / Emotet

  View on GitHub
  IOC Collection 2022
  ☆57Mar 7, 2023Updated 3 years ago
• OverTheNet / CODE_OF_MALWARE_I

  View on GitHub
  Contains Actual Events and Codes of Threat Groups, APTs, Research Groups
  ☆19Sep 10, 2022Updated 3 years ago
• stvemillertime / Cerebro

  View on GitHub
  Scripts and lists to help generate YARA friendly string mutations
  ☆22Apr 9, 2023Updated 3 years ago
• EmissarySpider / ransomware-descendants

  View on GitHub
  A repository dedicated to tracking ransomware families based on leaked builders.
  ☆22Apr 17, 2024Updated last year
• advanced-threat-research / Threat-Reports

  View on GitHub
  Repository to store the Threat Reports made by the McAfee Enterprise ATR Team
  ☆10Oct 11, 2018Updated 7 years ago
• eset / malware-ioc

  View on GitHub
  Indicators of Compromises (IOC) of our various investigations
  ☆1,940Mar 27, 2026Updated 2 weeks ago
• NextronSystems / velociraptor-artifacts-thor

  View on GitHub
  Thor Artifacts for Velociraptor
  ☆19Dec 2, 2025Updated 4 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• netskopeoss / NetskopeThreatLabsIOCs

  View on GitHub
  ☆157Apr 1, 2026Updated last week
• executemalware / Malware-IOCs

  View on GitHub
  ☆510Oct 7, 2024Updated last year
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆366Dec 4, 2025Updated 4 months ago
• Onapsis / Onapsis_CVE-2025-31324_Scanner_Tools

  View on GitHub
  ☆12Jun 6, 2025Updated 10 months ago
• rapid7 / Rapid7-Labs

  View on GitHub
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆98Apr 7, 2026Updated last week
• pr0xylife / Pikabot

  View on GitHub
  ☆32Mar 11, 2026Updated last month
• EmergingThreats / log4shell-detection

  View on GitHub
  ☆12Dec 23, 2021Updated 4 years ago
• RanjitPatil / Static-Dynamic-Malware-Analysis

  View on GitHub
  ☆13Jan 19, 2023Updated 3 years ago
• Neo23x0 / ThreatResearch-Reporting-Guide

  View on GitHub
  Offensive Research Guide to Help Defense Improve Detection
  ☆31Jan 27, 2023Updated 3 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• The-DFIR-Report / Yara-Rules

  View on GitHub
  ☆80Sep 29, 2025Updated 6 months ago
• dfirvault / Thor-scanner-menu

  View on GitHub
  Menu for Thor scanner lite
  ☆20Oct 24, 2025Updated 5 months ago
• blacklotuslabs / IOCs

  View on GitHub
  IOCs published by Black Lotus Labs
  ☆140Updated this week
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool

  View on GitHub
  Linux Baseline and Forensic Triage Tool - BETA
  ☆58Mar 10, 2026Updated last month
• redhataugust / VulnHub_Vagrant

  View on GitHub
  This repository is for the vagrant instances of VulnHub machines
  ☆46Sep 12, 2024Updated last year
• certsocietegenerale / rAIdline

  View on GitHub
  IR drill plateform
  ☆23Jul 29, 2025Updated 8 months ago
• petikvx / MSIL-Ransom-Part-01

  View on GitHub
  Source Code of MSIL Ransom
  ☆14Feb 11, 2023Updated 3 years ago