    Repositories list

    • Synapse Rapid Power-Up for Validin
      Python
      MIT License
      11000 Updated Feb 5, 2026
    • Mapping XProtect's obfuscated malware family names to common industry names.
      YARA
      79400 Updated Nov 14, 2025
    • Go
      MIT License
      0000 Updated Nov 10, 2025
    • IDApython Scripts for Analyzing Golang Binaries
      Python
      GNU General Public License v3.0
      7366701 Updated Aug 8, 2024
    • A ruleset to find potentially malicious code in macOS malware samples
      YARA
      GNU General Public License v3.0
      24100 Updated Aug 29, 2023
    • Go
      GNU General Public License v3.0
      0100 Updated Jun 21, 2023
    • 137301 Updated Jun 20, 2023
    • A simple script to scan IIS logs for potential exploitation of MOVEit
      PowerShell
      GNU General Public License v3.0
      0000 Updated Jun 7, 2023
    • Python3 script which decrypts files encrypted by flawed Cl0p ELF variant.
      Python
      31700 Updated Feb 6, 2023
    • Python
      0200 Updated Jun 8, 2022
    • aeon

      Public
      Repository containing Aeon Timeline templates and example projects
      1700 Updated May 6, 2022
    • Yara

      Public
      Public SentinelLabs Yara Rules
      YARA
      2500 Updated Mar 17, 2022
    • Massive unpacking of CryptOne samples
      0100 Updated Feb 21, 2022
    • Xcode Playground that will return a list of all installed applications for a user that use SMLoginItem API
      0100 Updated Feb 10, 2022
    • Python
      Other
      51500 Updated Dec 22, 2021
    • An agent to hotpatch the log4j RCE from CVE-2021-44228.
      Java
      Other
      72000 Updated Dec 16, 2021
    • IOCs for ZLoader Campaign 2021
      0000 Updated Sep 15, 2021
    • Shadowpad

      Public
      Technical Indicators for SentinelLabs ShadowPad research
      1300 Updated Aug 16, 2021
    • Hashes and Yara hunting rules for MeteorExpress Wiper
      YARA
      1200 Updated Jul 29, 2021
    • 900 SHA1 Gootloader js loader hashes plus some of the most relevant lures with the embedded URLs used for the delivery of the payloads.
      0000 Updated Jun 16, 2021
    • Memloader

      Public
      Memory Loader Open Source Project by Sentinel-Labs.
      C++
      Other
      112520 Updated Mar 26, 2021
    • IOCs

      Public
      A Collection of IOC's
      0200 Updated Jan 27, 2021
    • This is a work-in-progress command line tool for reversing run-only AppleScripts. It will help parse the output of applescript-disassembler.py into something mo…
      Objective-C
      117210 Updated Jan 12, 2021
    • This tool is designed to identify processes, services, and drivers that SUNBURST attempts to identify on the victim's machine.
      C#
      1600 Updated Jan 6, 2021
    • The Windows Malware Analysis Reversing Core Tools
      PowerShell
      229920 Updated Dec 21, 2020
    • Java
      Other
      51200 Updated Nov 25, 2020
    • Code and data related to TrickBot-Deobfuscator blog
      Python
      3500 Updated Feb 25, 2020
    • This is a collection of relevant indicators of compromise for the main blog.
      2400 Updated Feb 5, 2020
    • This is a repository for the public blog with Labs indicators of compromise and code
      PowerShell
      41800 Updated Jan 8, 2020
    • This is a repository for the public blog with Labs indicators of compromise.
      21100 Updated Dec 10, 2019