Stars
A script that searches GitHub repositories distributing malware.
Custom Google search engine dedicated to IT security & hacking stuff. Over 240 high-quality sources.
Sometimes, threat feeds share critical information with certain details blurred, which is a good practice. However, CTI analysts still need to investigate further, especially when their bosses requ…
Behavioral CTI profiles of ransomware negotiation chats — how each threat actor talks, pressures, and closes deals. Based on Ransomchats.
A library for creating, reading and editing PE files and .NET modules.
A collection of companies that disclose adversary TTPs after they have been breached
Deduplicating archiver with compression and authenticated encryption.
YARA detection rules for hunting with the threathunting-keywords project
Breakglass Intelligence — Detection rules, IOCs, and STIX bundles from threat intelligence investigations. YARA, Suricata, SIGMA, and KQL.
IoCs and YARA rules from Threatray's Threat Research
SKILL is designed specifically for security professionals such as detection engineers and SOC analysts. It helps detection engineers identify blind spots in detection rules for system command execu…
Open-source unified security operations & threat intelligence platform for OT/ICS environments with ontology-driven dashboards
Live ETW-TI event viewer for Windows kernel threat-intelligence telemetry. Research tool for exploring the same signals commercial EDRs rely on.
Fast and accurate AI powered file content types detection
Nuclei scripts created by @rxerium for zero days / actively exploited vulnerabilities.
Free educational content on reverse engineering and malware analysis from the FLARE team
A curated list of Security Resources for all connected things
A complete Sigma detection toolkit: parser, linter, evaluator, correlation engine, conversion framework, streaming daemon, MCP and LSP servers 🦀
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
.NET deobfuscator and unpacker.
AI-Powered Malware Analysis & Threat Intelligence for Ghidra. Transform your static analysis workflow with cutting-edge AI capabilities, comprehensive malware detection, and advanced threat intellig…
Extract AutoIt scripts embedded in PE binaries
Azul is a malware repository for reverse engineers, incident responders and everyone in-between.
Reads and prints information from the website MalAPI.io
A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.