Tools developed by the Zscaler ThreatLabz Threat Intelligence team
☆98Mar 17, 2026Updated this week
Alternatives and similar repositories for tools
Users that are interested in tools are comparing it to the libraries listed below
Sorting:
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports☆78Jan 26, 2026Updated last month
- Go Lang Portable Executable Parser☆39Mar 31, 2021Updated 4 years ago
- A library and cli tool to extract HWP files.☆30Dec 1, 2025Updated 3 months ago
- shared samples from #dailyphish and/or #apt tweets☆41Sep 3, 2025Updated 6 months ago
- A Linux/Windows Ransomware PoC written in Python, Go and C☆16Jun 17, 2023Updated 2 years ago
- Packet Injection With WFP☆16Feb 20, 2023Updated 3 years ago
- Collaborative malware exchange repository.☆34Nov 21, 2024Updated last year
- This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion.☆15Jun 6, 2022Updated 3 years ago
- ☆46Nov 10, 2025Updated 4 months ago
- Windows application aiming to preserve cryptographic information used by ransomware operations. If you suspect a ransomware is running on…☆30Jul 6, 2017Updated 8 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support)☆14Aug 11, 2023Updated 2 years ago
- ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning this allows t…☆25Apr 9, 2021Updated 4 years ago
- DelphiHelper is a python IDA Pro plugin aiming to help the analysis of x86/x86_64 binaries written in Delphi programming language.☆142Updated this week
- a open source rat from china☆26Oct 28, 2016Updated 9 years ago
- This repository contains the analysis reports, technical details or any tools created for helping in malware analysis. Additionally, the …☆22Jun 17, 2025Updated 9 months ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 3 years ago
- Archive of ransomware decryptors☆34Dec 7, 2017Updated 8 years ago
- IDA Python Script to Get All function names from Event Constructor (VCL)☆172May 16, 2025Updated 10 months ago
- ☆76Nov 30, 2023Updated 2 years ago
- function identification signatures☆12Apr 26, 2021Updated 4 years ago
- Conti Ransomware malware leak WITH LOCKER☆24Mar 5, 2022Updated 4 years ago
- Ida Pro plugin to aid in reverse engineering Rust binaries.☆19Dec 9, 2024Updated last year
- WinAFL modified for RDP client fuzzing☆20Dec 18, 2022Updated 3 years ago
- A malware researching repository.☆21Aug 10, 2021Updated 4 years ago
- 🤖 Bot to get the last Cyber Security information in a Microsoft Teams channel 🏴☠️☆48Updated this week
- Curated list of ransomware-related resources; awesome style.☆32Jan 17, 2025Updated last year
- Analysis of techniques used by Conti ransomware affiliates from their leaked manuals.☆19Aug 29, 2021Updated 4 years ago
- Sources Codes of many MSIL malwares☆24Aug 29, 2022Updated 3 years ago
- Bluefrost Exploitation Challenge 2019 - Exploit and Writeup☆25Feb 11, 2024Updated 2 years ago
- Ghidra plugin for HashDB☆21Oct 11, 2023Updated 2 years ago
- Malduck is your ducky companion in malware analysis journeys☆350Jun 22, 2025Updated 9 months ago
- Source code of the Rensenware ransomware in .NET☆21Jul 24, 2021Updated 4 years ago
- ☆116Feb 13, 2026Updated last month
- An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz☆406Updated this week
- windows内核安全与驱动开发代码☆12Apr 4, 2020Updated 5 years ago
- Slides and Material for "SymbolicExecutionDemystified" Presentation @ Insomni'Hack 2022☆100Mar 26, 2022Updated 3 years ago
- Collection of Malware Lures☆23Oct 8, 2021Updated 4 years ago
- Anywhere is a powerful botnet that allows for the remote control of compromised devices☆29Jan 19, 2023Updated 3 years ago
- ☆39Dec 10, 2024Updated last year