crocodyli / ThreatActors-TTPsView external linksLinks
Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups and evolving to other types of threats.
☆392Jan 29, 2026Updated 2 weeks ago
Alternatives and similar repositories for ThreatActors-TTPs
Users that are interested in ThreatActors-TTPs are comparing it to the libraries listed below
Sorting:
- An Archive of Ransomware Notes Past and Present Collected by Zscaler ThreatLabz☆399Jan 27, 2026Updated 2 weeks ago
- A resource containing all the tools each ransomware gangs uses☆1,327Dec 24, 2025Updated last month
- IOCs collected during day-to-day activities☆106Updated this week
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆115Oct 29, 2024Updated last year
- Awesome list of keywords and artifacts for Threat Hunting sessions☆633Aug 4, 2025Updated 6 months ago
- A collection of CVEs weaponized by ransomware operators☆129Oct 13, 2025Updated 4 months ago
- A collection of phishing samples for researchers and detection developers.☆393Feb 6, 2026Updated last week
- TL;DR: Mutate a binary to identify potential exploit candidates☆11Jan 12, 2026Updated last month
- Extract C2 Traffic☆252Nov 25, 2024Updated last year
- Collection of Cyber Threat Intelligence sources from the deep and dark web☆6,572Updated this week
- Yet another Ransomware gang tracker☆559Updated this week
- A C2 framework for all your God Complex. A fully functional and integrated Botnet for remote command execution through user friendly UI.☆45Sep 22, 2023Updated 2 years ago
- Live Feed of C2 servers, tools, and botnets☆745Feb 9, 2026Updated last week
- Telegram Monitor☆370Jun 10, 2025Updated 8 months ago
- Automatically created C2 Feeds☆661Updated this week
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs☆754Feb 1, 2026Updated 2 weeks ago
- Explore CVE 2023-30845 automatically across multiple subdomains☆16Sep 30, 2023Updated 2 years ago
- the transparent ransomware claim tracker 🥷🏼🧅🖥️☆1,088Jun 17, 2025Updated 8 months ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆800Jan 14, 2026Updated last month
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer…☆373Apr 6, 2024Updated last year
- A repo containing some tooling build to assist with reverse engineering malware samples☆15Jul 22, 2023Updated 2 years ago
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence☆703Apr 21, 2025Updated 9 months ago
- Documentation and scripts to properly enable Windows event logs.☆672Oct 3, 2025Updated 4 months ago
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆24Jul 14, 2024Updated last year
- ☆12Feb 9, 2025Updated last year
- Encoder PHP webshell to bypass WAF using XOR operations.☆55Aug 2, 2023Updated 2 years ago
- Interesting APT Report Collection And Some Special IOCs☆2,889Updated this week
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆45Mar 8, 2024Updated last year
- CLI tools for forensic investigation of Windows artifacts☆349Jul 21, 2025Updated 6 months ago
- Awesome Security lists for SOC/CERT/CTI☆1,247Updated this week
- Map tracking ransomware, by OCD World Watch team☆483Jan 21, 2026Updated 3 weeks ago
- An automated script to extract hidden images from Tecno Camon X☆12Sep 23, 2023Updated 2 years ago
- Repository created to share information about tactics, techniques and procedures used by threat actors. Initially with ransomware groups …☆40Updated this week
- Capture screenshots of onion services on an onion service.☆73Jun 11, 2024Updated last year
- A curated list of Awesome Threat Intelligence Blogs☆491Jan 20, 2026Updated 3 weeks ago
- Shodan Dorks 2023☆245Jan 13, 2025Updated last year
- Repository for sharing examples of our artifacts data and for use in new analyst recruitment.☆109Apr 22, 2025Updated 9 months ago
- A meta-list of public references to threat actor profiles and APT group datasets.☆75Oct 2, 2025Updated 4 months ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw…☆146May 31, 2024Updated last year