A structured, continuously updated threat-intelligence repository focused on ransomware families and threat actors.
☆37Feb 28, 2026Updated this week
Alternatives and similar repositories for Ransomware
Users that are interested in Ransomware are comparing it to the libraries listed below
Sorting:
- World's First Haiku Ransomware/Malware☆16Dec 22, 2024Updated last year
- A database-based strong Windows Disk Cleaner With Utilities☆19Nov 25, 2025Updated 3 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- Attacking indiscriminately every header, cookie, GET and POST parameter with blind fury.☆13Sep 25, 2025Updated 5 months ago
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 9 months ago
- ☆14Mar 19, 2024Updated last year
- Deobfuscation of XorStringsNet☆14Nov 5, 2024Updated last year
- A collection of commands, tools, techniques and procedures of the purplestorm ctf team.☆14Mar 20, 2025Updated 11 months ago
- Excel Add In Payload Generator☆14Oct 9, 2023Updated 2 years ago
- Little java tool to decrypt passwords from Openfire embedded-db☆16Nov 14, 2015Updated 10 years ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- GDI malware made by Itzsten, for educational purposes only☆13Jul 20, 2025Updated 7 months ago
- ☆22Dec 30, 2025Updated 2 months ago
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication querying LDAP. Generates individual CSV files and a s…☆50Feb 23, 2026Updated last week
- Impacket pre-compiled binaries☆18Jul 31, 2023Updated 2 years ago
- Over 100K open-source YARA signatures evaluated against over 280K files to give insights into the performance of each YARA rule.☆26Dec 13, 2022Updated 3 years ago
- ☆381Updated this week
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆64Apr 2, 2025Updated 11 months ago
- A simple commandline application to automatically decrypt strings from Obfuscator protected binaries☆47Jun 15, 2024Updated last year
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e…☆26Sep 25, 2023Updated 2 years ago
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- Bloodhound agent for Mythic☆23Apr 19, 2025Updated 10 months ago
- ☆22Jun 9, 2025Updated 8 months ago
- Top hashpwn rules☆20Dec 12, 2025Updated 2 months ago
- Python tool to generate crafted JWTs, exploiting the algorithm confusion vulnerability in JWT signature validation. Useful for security …☆25Mar 22, 2025Updated 11 months ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- Cortex EDR Ransomware protection Bypass☆26Feb 8, 2025Updated last year
- StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and…☆20Aug 7, 2024Updated last year
- Exploits Really Simple Security < 9.1.2 authentication bypass (CVE-2024-10924).☆19Nov 19, 2024Updated last year
- ☆59Nov 13, 2024Updated last year
- Nemesis agent for Mythic☆28Dec 11, 2025Updated 2 months ago
- Collection of red team techniques.☆67Apr 25, 2025Updated 10 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆63Oct 29, 2024Updated last year
- A reference of Windows API function calls, including functions for file operations, process management, memory management, thread managem…☆121Nov 22, 2023Updated 2 years ago
- Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]☆27Jun 3, 2024Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 2 years ago
- ProteCTkers v1 Antivirus is an open-source antivirus solution developed by Harsh Chaudhari, designed to provide robust malware detection …☆22Dec 20, 2023Updated 2 years ago
- This exploit rebuilds and exploit the CVE-2019-16098 which is in driver Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCo…☆30Aug 5, 2024Updated last year
- Public datasets of malware and benign executable files (Windows EXE files). The dataset can be used by cybersecurity researchers focusing…☆24Jul 25, 2023Updated 2 years ago