TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains, IPs, and SHA256/MD5 hashes.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Welcome to our open-source antivirus project! Our software is currently under development but already features essential functionalities to protect your system. Users can perform individual file scans, full system scans, and conveniently quarantine infected files. Fork the code to contribute and eliminate bugs and other defects

Linker/Compiler/Tool detector for Windows, Linux and MacOS.

APK/DEX detector for Windows, Linux and MacOS.

This nextcloud app aims to provide an additional layer of security to your Nextcloud instance by enabling automatic and manual scanning of files for malicious content powered by G DATA Verdict-as-a-Service.

This repository is a collection of reports of malicious packages.

Command line interface for the Phylum API

Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results

This repository contains a list of many scam videos and channels on Youtube in multiple, easy-to-access formats.

Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks or check conformance to frameworks, such as SLSA.

AssemblyLine 4: File triage and malware analysis

ICAP service which unpacks password-protected attachments (.iso, .rar, .7z, .zip etc.) of various file types and scans them using YARA. Can be seamlessly integrated into rspamd.

Verdict-as-a-Service SDKs: Analyze files for malicious content

Blackbook of malware domains

Cryptojacker that mines Monero with XMRig while pretending to install an unrelated application. Targets Windows 10 and 11 systems.

Terminator is a compact utility coded in C#, designed to end processes that have RtlSetProcessIsCritical enabled.

Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).

🎁 Blocks browser-based crypto mining, cryptojacking, banking and crypto malware and phishing websites, apps and hackers command-and-control (C2) servers.