Alternatives and similar repositories for ransomwatch

Users that are interested in ransomwatch are comparing it to the libraries listed below

• CronUp / Malware-IOCs

  View on GitHub
  ☆96May 5, 2025Updated 9 months ago
• StrangerealIntel / DeltaFlare

  View on GitHub
  ☆12Jun 29, 2021Updated 4 years ago
• ninoseki / mihari

  View on GitHub
  A query aggregator for OSINT based threat hunting
  ☆930Jan 23, 2026Updated 3 weeks ago
• joshhighet / ransomwatch

  View on GitHub
  the transparent ransomware claim tracker 🥷🏼🧅🖥️
  ☆1,088Jun 17, 2025Updated 7 months ago
• cado-security / DFIR_Resources_REvil_Kaseya

  View on GitHub
  Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
  ☆180Jul 6, 2021Updated 4 years ago
• StrangerealIntel / CyberThreatIntel

  View on GitHub
  Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups
  ☆724Dec 26, 2022Updated 3 years ago
• alexandreborges / malwoverview

  View on GitHub
  Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh…
  ☆3,531Jan 20, 2026Updated 3 weeks ago
• CERT-Polska / mwdb-core

  View on GitHub
  Malware repository component for samples & static configuration with REST API interface.
  ☆375Updated this week
• cybercdh / kitphishr

  View on GitHub
  A tool designed to hunt for Phishing Kit source code
  ☆229Jan 29, 2026Updated 2 weeks ago
• Te-k / cobaltstrike

  View on GitHub
  Code and yara rules to detect and analyze Cobalt Strike
  ☆273May 5, 2021Updated 4 years ago
• carbonblack / active_c2_ioc_public

  View on GitHub
  Active C2 IoCs
  ☆99Nov 28, 2022Updated 3 years ago
• target / strelka

  View on GitHub
  Real-time, container-based file scanning at enterprise scale
  ☆974Updated this week
• BitsOfBinary / yarabuilder

  View on GitHub
  Python 3 library to build YARA rules.
  ☆13Oct 24, 2021Updated 4 years ago
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 3 years ago
• StrangerealIntel / Orion

  View on GitHub
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆141Nov 19, 2023Updated 2 years ago
• fastfire / deepdarkCTI

  View on GitHub
  Collection of Cyber Threat Intelligence sources from the deep and dark web
  ☆6,557Updated this week
• WithSecureLabs / chainsaw

  View on GitHub
  Rapidly Search and Hunt through Windows Forensic Artefacts
  ☆3,440Oct 12, 2025Updated 4 months ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆643Jun 19, 2024Updated last year
• zeronetworks / BloodHound-Tools

  View on GitHub
  Collection of tools that reflect the network dimension into Bloodhound's data
  ☆447Oct 19, 2022Updated 3 years ago
• DFIRKuiper / Kuiper

  View on GitHub
  Digital Forensics Investigation Platform
  ☆870Oct 12, 2024Updated last year
• surbo / OVERFLOW

  View on GitHub
  Microsoft Flow Attack Framework
  ☆23Nov 14, 2019Updated 6 years ago
• ScarredMonk / SysmonSimulator

  View on GitHub
  Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…
  ☆861Jan 20, 2022Updated 4 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,507Jan 24, 2023Updated 3 years ago
• am0nsec / valhalla

  View on GitHub
  The Hall of Ancient Exploitation Tools
  ☆16Oct 14, 2019Updated 6 years ago
• mandiant / ThreatPursuit-VM

  View on GitHub
  Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysi…
  ☆1,301Jun 1, 2023Updated 2 years ago
• PwCUK-CTO / OperationCloudHopper

  View on GitHub
  Indicators of compromise relating to our report on APT10's targeting of global MSPs
  ☆10Sep 26, 2017Updated 8 years ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆780Updated this week
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• optiv / ScareCrow

  View on GitHub
  ScareCrow - Payload creation framework designed around EDR bypass.
  ☆2,869Aug 18, 2023Updated 2 years ago
• NextronSystems / APTSimulator

  View on GitHub
  A toolset to make a system look as if it was the victim of an APT attack
  ☆2,710Sep 23, 2025Updated 4 months ago
• ANSSI-FR / DFIR4vSphere

  View on GitHub
  Powershell module for VMWare vSphere forensics
  ☆158Nov 8, 2024Updated last year
• mattnotmax / cyberchef-recipes

  View on GitHub
  A list of cyber-chef recipes and curated links
  ☆2,182Jun 14, 2024Updated last year
• mxm0z / awesome-intelligence-writing

  View on GitHub
  Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc
  ☆591Dec 4, 2025Updated 2 months ago
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,901Jul 6, 2024Updated last year
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 3 years ago
• BushidoUK / Abused-Legitimate-Services

  View on GitHub
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Oct 28, 2022Updated 3 years ago
• Neo23x0 / munin

  View on GitHub
  Online hash checker for Virustotal and other services
  ☆845Mar 21, 2025Updated 10 months ago
• ahhh / GoRedDeath

  View on GitHub
  Experimenting with destructive file attacks in Go
  ☆19May 20, 2019Updated 6 years ago
• JoelGMSec / PSRansom

  View on GitHub
  PowerShell Ransomware Simulator with C2 Server
  ☆500Jan 2, 2026Updated last month