ThreatLabz/iocs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ThreatLabz/iocs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ThreatLabz/iocs)

Close

ThreatLabz / iocsView on GitHubMore

• External links
• Readme badge

This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

☆79Jan 26, 2026Updated 4 months ago

Alternatives and similar repositories for iocs

Users that are interested in iocs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• HarfangLab / iocs

  View on GitHub
  Indicators of compromise
  ☆19May 18, 2026Updated 3 weeks ago
• ThreatLabz / tools

  View on GitHub
  Tools developed by the Zscaler ThreatLabz Threat Intelligence team
  ☆101Updated this week
• embee-research / Yara-detection-rules

  View on GitHub
  Yara Rules for Modern Malware
  ☆80Mar 3, 2024Updated 2 years ago
• Cisco-Talos / IOCs

  View on GitHub
  Indicators of Compromise
  ☆272May 19, 2026Updated 3 weeks ago
• hpthreatresearch / iocs

  View on GitHub
  Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.
  ☆28Apr 10, 2024Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• hvs-consulting / ioc_signatures

  View on GitHub
  Repository with selected IOCs and YARA rules for threat hunting.
  ☆35Apr 8, 2026Updated 2 months ago
• reprise99 / 4688-sysmon

  View on GitHub
  ☆61Jun 24, 2023Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules

  View on GitHub
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆60Mar 2, 2025Updated last year
• elceef / yara-rulz

  View on GitHub
  Collection of generic YARA rules
  ☆16Mar 18, 2026Updated 2 months ago
• ThreatLabz / ransomware_notes

  View on GitHub
  An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz
  ☆421Jun 4, 2026Updated last week
• dr4k0nia / yara-rules

  View on GitHub
  A collection of my yara rules
  ☆34Jul 11, 2023Updated 2 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• Krypteria / Yaralyze

  View on GitHub
  Yaralyze is an malware detection tool for Android that relies on two types of static analysis, Yara rule analysis and hashes analysis.
  ☆22Nov 13, 2022Updated 3 years ago
• sophoslabs / IoCs

  View on GitHub
  Sophos-originated indicators-of-compromise from published reports
  ☆667May 14, 2026Updated last month
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• wightsci / MessageTableReader

  View on GitHub
  Read Windows message table entries.
  ☆11Feb 5, 2023Updated 3 years ago
• jischell-msft / RemoteManagementMonitoringTools

  View on GitHub
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆103Aug 15, 2025Updated 9 months ago
• pr0xylife / Emotet

  View on GitHub
  IOC Collection 2022
  ☆57Mar 7, 2023Updated 3 years ago
• OverTheNet / CODE_OF_MALWARE_I

  View on GitHub
  Contains Actual Events and Codes of Threat Groups, APTs, Research Groups
  ☆20Sep 10, 2022Updated 3 years ago
• stvemillertime / Cerebro

  View on GitHub
  Scripts and lists to help generate YARA friendly string mutations
  ☆22Apr 9, 2023Updated 3 years ago
• EmissarySpider / ransomware-descendants

  View on GitHub
  A repository dedicated to tracking ransomware families based on leaked builders.
  ☆22Apr 17, 2024Updated 2 years ago
• advanced-threat-research / Threat-Reports

  View on GitHub
  Repository to store the Threat Reports made by the McAfee Enterprise ATR Team
  ☆10Oct 11, 2018Updated 7 years ago
• eset / malware-ioc

  View on GitHub
  Indicators of Compromises (IOC) of our various investigations
  ☆1,956May 20, 2026Updated 3 weeks ago
• NextronSystems / velociraptor-artifacts-thor

  View on GitHub
  Thor Artifacts for Velociraptor
  ☆19Dec 2, 2025Updated 6 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• netskopeoss / NetskopeThreatLabsIOCs

  View on GitHub
  ☆157May 8, 2026Updated last month
• executemalware / Malware-IOCs

  View on GitHub
  ☆507Oct 7, 2024Updated last year
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆366Updated this week
• Onapsis / Onapsis_CVE-2025-31324_Scanner_Tools

  View on GitHub
  ☆12Jun 6, 2025Updated last year
• rapid7 / Rapid7-Labs

  View on GitHub
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆105Jun 4, 2026Updated last week
• pr0xylife / Pikabot

  View on GitHub
  ☆32Mar 11, 2026Updated 3 months ago
• EmergingThreats / log4shell-detection

  View on GitHub
  ☆12Dec 23, 2021Updated 4 years ago
• RanjitPatil / Static-Dynamic-Malware-Analysis

  View on GitHub
  ☆13Jan 19, 2023Updated 3 years ago
• Neo23x0 / ThreatResearch-Reporting-Guide

  View on GitHub
  Offensive Research Guide to Help Defense Improve Detection
  ☆31Jan 27, 2023Updated 3 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• The-DFIR-Report / Yara-Rules

  View on GitHub
  ☆83Sep 29, 2025Updated 8 months ago
• dfirvault / Thor-scanner-menu

  View on GitHub
  Menu for Thor scanner lite
  ☆20Oct 24, 2025Updated 7 months ago
• blacklotuslabs / IOCs

  View on GitHub
  IOCs published by Black Lotus Labs
  ☆143May 19, 2026Updated 3 weeks ago
• redhataugust / VulnHub_Vagrant

  View on GitHub
  This repository is for the vagrant instances of VulnHub machines
  ☆46Sep 12, 2024Updated last year
• jgasmussen / Linux-Baseline-and-Forensic-Triage-Tool

  View on GitHub
  Linux Baseline and Forensic Triage Tool - BETA
  ☆60Mar 10, 2026Updated 3 months ago
• petikvx / MSIL-Ransom-Part-01

  View on GitHub
  Source Code of MSIL Ransom
  ☆14Feb 11, 2023Updated 3 years ago
• certsocietegenerale / rAIdline

  View on GitHub
  IR drill plateform
  ☆24Jul 29, 2025Updated 10 months ago