Repositories list

• sentinelone-validin

  Public
  Synapse Rapid Power-Up for Validin

  Python

  •

  MIT License

  •11 fork•1010 stars•00 issues•00 pull requests•Updated Feb 5, 2026Feb 5, 2026

• XProtect-Malware-Families

  Public
  Mapping XProtect's obfuscated malware family names to common industry names.

  YARA

  •77 forks•9494 stars•00 issues•00 pull requests•Updated Nov 14, 2025Nov 14, 2025

• vertex-synapse-grafana

  Public
  Go

  •

  MIT License

  •00 forks•00 stars•00 issues•00 pull requests•Updated Nov 10, 2025Nov 10, 2025

• AlphaGolang

  Public
  IDApython Scripts for Analyzing Golang Binaries

  goreverse-engineeringida-pro+ 3

  goreverse-engineeringida-promalware-analysisida-pluginidapython

  Python

  •

  GNU General Public License v3.0

  •7373 forks•667667 stars•00 issues•11 pull request•Updated Aug 8, 2024Aug 8, 2024

• macos-ttps-yara

  Public
  A ruleset to find potentially malicious code in macOS malware samples

  YARA

  •

  GNU General Public License v3.0

  •22 forks•4141 stars•00 issues•00 pull requests•Updated Aug 29, 2023Aug 29, 2023

• r2pipe-stringdecoder

  Public
  Go

  •

  GNU General Public License v3.0

  •00 forks•11 star•00 issues•00 pull requests•Updated Jun 21, 2023Jun 21, 2023

• S1QL-Queries

  Public
  1313 forks•7373 stars•00 issues•11 pull request•Updated Jun 20, 2023Jun 20, 2023

• MOVEit-IIS-Log-Scanner

  Public
  A simple script to scan IIS logs for potential exploitation of MOVEit

  PowerShell

  •

  GNU General Public License v3.0

  •00 forks•00 stars•00 issues•00 pull requests•Updated Jun 7, 2023Jun 7, 2023

• Cl0p-ELF-Decryptor

  Public
  Python3 script which decrypts files encrypted by flawed Cl0p ELF variant.

  Python

  •33 forks•1717 stars•00 issues•00 pull requests•Updated Feb 6, 2023Feb 6, 2023

• aoqin_dragon

  Public
  Python

  •00 forks•22 stars•00 issues•00 pull requests•Updated Jun 8, 2022Jun 8, 2022

• aeon

  Public
  Repository containing Aeon Timeline templates and example projects

  11 fork•77 stars•00 issues•00 pull requests•Updated May 6, 2022May 6, 2022

• Yara

  Public
  Public SentinelLabs Yara Rules

  YARA

  •22 forks•55 stars•00 issues•00 pull requests•Updated Mar 17, 2022Mar 17, 2022

• Crypt1_IOCs

  Public
  Massive unpacking of CryptOne samples

  00 forks•11 star•00 issues•00 pull requests•Updated Feb 21, 2022Feb 21, 2022

• enumerate-macos-loginitems

  Public
  Xcode Playground that will return a list of all installed applications for a user that use SMLoginItem API

  00 forks•11 star•00 issues•00 pull requests•Updated Feb 10, 2022Feb 10, 2022

• log4j_response

  Public
  Python

  •

  Other

  •55 forks•1515 stars•00 issues•00 pull requests•Updated Dec 22, 2021Dec 22, 2021

• hotpatch-for-apache-log4j2

  Public
  An agent to hotpatch the log4j RCE from CVE-2021-44228.

  Java

  •

  Other

  •7272 forks•00 stars•00 issues•00 pull requests•Updated Dec 16, 2021Dec 16, 2021

• ZLoader-2021

  Public
  IOCs for ZLoader Campaign 2021

  00 forks•00 stars•00 issues•00 pull requests•Updated Sep 15, 2021Sep 15, 2021

• Shadowpad

  Public
  Technical Indicators for SentinelLabs ShadowPad research

  11 fork•33 stars•00 issues•00 pull requests•Updated Aug 16, 2021Aug 16, 2021

• meteor-express

  Public
  Hashes and Yara hunting rules for MeteorExpress Wiper

  YARA

  •11 fork•22 stars•00 issues•00 pull requests•Updated Jul 29, 2021Jul 29, 2021

• Gootloader-iocs-q1-2021

  Public
  900 SHA1 Gootloader js loader hashes plus some of the most relevant lures with the embedded URLs used for the delivery of the payloads.

  00 forks•00 stars•00 issues•00 pull requests•Updated Jun 16, 2021Jun 16, 2021

• Memloader

  Public
  Memory Loader Open Source Project by Sentinel-Labs.

  idaida-proida-plugin+ 2

  idaida-proida-pluginidaproida-loader

  C++

  •

  Other

  •1111 forks•2525 stars•22 issues•00 pull requests•Updated Mar 26, 2021Mar 26, 2021

• IOCs

  Public
  A Collection of IOC's

  00 forks•22 stars•00 issues•00 pull requests•Updated Jan 27, 2021Jan 27, 2021

• aevt_decompile

  Public
  This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembler.py into something mo…

  Objective-C

  •1111 forks•7272 stars•11 issue•00 pull requests•Updated Jan 12, 2021Jan 12, 2021

• SolarWinds_Countermeasures

  Public
  This tool is designed to identify processes, services, and drivers that SUNBURST attempts to identify on the victim's machine.

  C#

  •11 fork•66 stars•00 issues•00 pull requests•Updated Jan 6, 2021Jan 6, 2021

• SentinelLabs_RevCore_Tools

  Public
  The Windows Malware Analysis Reversing Core Tools

  PowerShell

  •2222 forks•9999 stars•22 issues•00 pull requests•Updated Dec 21, 2020Dec 21, 2020

• VTgrepGHIDRA

  Public
  Java

  •

  Other

  •55 forks•1212 stars•00 issues•00 pull requests•Updated Nov 25, 2020Nov 25, 2020

• TrickBot-Deobfuscator

  Public
  Code and data related to TrickBot-Deobfuscator blog

  Python

  •33 forks•55 stars•00 issues•00 pull requests•Updated Feb 25, 2020Feb 25, 2020

• Gamaredon-APT

  Public
  This is a collection of relevant indicators of compromise for the main blog.

  22 forks•44 stars•00 issues•00 pull requests•Updated Feb 5, 2020Feb 5, 2020

• PowerTrick

  Public
  This is a repository for the public blog with Labs indicators of compromise and code

  PowerShell

  •44 forks•1818 stars•00 issues•00 pull requests•Updated Jan 8, 2020Jan 8, 2020

• TrickBot-Anchor

  Public
  This is a repository for the public blog with Labs indicators of compromise.

  22 forks•1111 stars•00 issues•00 pull requests•Updated Dec 10, 2019Dec 10, 2019