Tools developed by the Zscaler ThreatLabz Threat Intelligence team
☆96 · Feb 9, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for tools
Users that are interested in tools are comparing it to the libraries listed below
- This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports ☆78 · Jan 26, 2026 · Updated last month
- A Linux/Windows Ransomware PoC written in Python, Go and C ☆16 · Jun 17, 2023 · Updated 2 years ago
- Collaborative malware exchange repository. ☆34 · Nov 21, 2024 · Updated last year
- shared samples from #dailyphish and/or #apt tweets ☆41 · Sep 3, 2025 · Updated 5 months ago
- A library and cli tool to extract HWP files. ☆30 · Dec 1, 2025 · Updated 3 months ago
- ProcessBouncer is a simple but effective tool for blocking malware with a process-based approach. With a little fine-tuning this allows t… ☆25 · Apr 9, 2021 · Updated 4 years ago
- Scripts, Yara rules and other files developed during malware investigations ☆27 · Aug 19, 2022 · Updated 3 years ago
- Packet Injection With WFP ☆16 · Feb 20, 2023 · Updated 3 years ago
- A malware researching repository. ☆21 · Aug 10, 2021 · Updated 4 years ago
- Curated list of ransomware-related resources; awesome style. ☆32 · Jan 17, 2025 · Updated last year
- ☆76 · Nov 30, 2023 · Updated 2 years ago
- Static analysis tool that detects potential ransomware in PE and ELF files through heuristic analysis ☆20 · Jan 16, 2024 · Updated 2 years ago
- Windows application aiming to preserve cryptographic information used by ransomware operations. If you suspect a ransomware is running on… ☆30 · Jul 6, 2017 · Updated 8 years ago
- Go Lang Portable Executable Parser ☆39 · Mar 31, 2021 · Updated 4 years ago
- Collaboration platform for reverse engineering tools. ☆46 · Dec 20, 2024 · Updated last year
- Archive of ransomware decryptors ☆34 · Dec 7, 2017 · Updated 8 years ago
- ☆46 · Nov 10, 2025 · Updated 3 months ago
- IDA Python Script to Get All function names from Event Constructor (VCL) ☆171 · May 16, 2025 · Updated 9 months ago
- Source code of many MSIL malware samples ☆24 · Aug 29, 2022 · Updated 3 years ago
- Conti Ransomware malware leak WITH LOCKER ☆24 · Mar 5, 2022 · Updated 3 years ago
- An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz ☆402 · Updated this week
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆22 · Mar 26, 2023 · Updated 2 years ago
- Various Yara signatures (possibly to be included in a release later). ☆87 · May 23, 2019 · Updated 6 years ago
- Presentation slides, blogs, and videos of my conference presentations. ☆26 · Jan 31, 2024 · Updated 2 years ago
- An open source RAT from China ☆26 · Oct 28, 2016 · Updated 9 years ago
- Source code of the Rensenware ransomware in .NET ☆21 · Jul 24, 2021 · Updated 4 years ago
- 🤖 Bot to get the last Cyber Security information in a Microsoft Teams channel 🏴☠️ ☆48 · Updated this week
- Slides and Material for "SymbolicExecutionDemystified" Presentation @ Insomni'Hack 2022 ☆100 · Mar 26, 2022 · Updated 3 years ago
- This repository contains relevant samples and data related to "Malware Reverse Engineering for Beginners" articles. ☆63 · Feb 8, 2022 · Updated 4 years ago
- ☆41 · May 23, 2017 · Updated 8 years ago
- Collection of rules created using YARA-Signator over Malpedia ☆141 · Jan 6, 2026 · Updated last month
- Cracks password protected Inno Setup generated installers using JtR. ☆11 · Jun 17, 2023 · Updated 2 years ago
- Detecting fake news articles by analyzing patterns in writing. ☆10 · Mar 30, 2020 · Updated 5 years ago
- Dump PDB Symbols including support for Bochs Debugging Format (with wine support) ☆14 · Aug 11, 2023 · Updated 2 years ago
- Analysis of techniques used by Conti ransomware affiliates from their leaked manuals. ☆19 · Aug 29, 2021 · Updated 4 years ago
- Windows kernel security and driver development code ☆12 · Apr 4, 2020 · Updated 5 years ago
- Volatility 3 plugins to extract a module as complete as possible ☆12 · Jun 13, 2023 · Updated 2 years ago
- Some ELF Malwares ☆10 · Mar 11, 2022 · Updated 3 years ago
- A simple useless rootkit for the linux kernel. It is a kernel module which hooks up the open() syscall (or potentially any syscall) to re… ☆12 · Mar 13, 2016 · Updated 9 years ago