All

56 repositories

ThreatKB
Public
Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
malware-research yara yara-rules
malware-research yara yara-rules yara-manager yara-signatures
JavaScript
•
GNU General Public License v2.0
•17•103•40•2•Updated Mar 21, 2026Mar 21, 2026
awesome-yara
Public
A curated list of awesome YARA rules, tools, and people.
ioc awesome awesome-list
ioc awesome awesome-list threat-hunting malware-analysis malware-research yara yara-rules malware-detection yara-manager
Other
•548•4.2k•0•0•Updated Mar 16, 2026Mar 16, 2026
.github
Public
0•0•0•0•Updated Nov 19, 2025Nov 19, 2025
python-inquestlabs
Public
A Pythonic interface and command line tool for interacting with the InQuest Labs API.
Python
•
GNU General Public License v2.0
•6•36•0•0•Updated Nov 18, 2025Nov 18, 2025
suricata_exporter
Public
A Prometheus Exporter for Suricata
Go
•
BSD 3-Clause "New" or "Revised" License
•15•1•0•0•Updated Oct 22, 2025Oct 22, 2025
md-insights-client-api
Public
API client for MetaDefender InSights threat intelligence feeds
Python
•1•3•0•1•Updated Aug 19, 2025Aug 19, 2025
iocextract
Public
Defanged Indicator of Compromise (IOC) Extractor.
ioc library osint
ioc library osint base64 decoding dfir malware-research threat-sharing threatintel yara
Python
•
GNU General Public License v2.0
•92•575•2•0•Updated Aug 28, 2024Aug 28, 2024
omnibus
Public
The OSINT Omnibus (beta release)
python security osint
python security osint iocs security-automation threat-intelligence
Python
•
MIT License
•75•354•18•5•Updated May 20, 2024May 20, 2024
yara-rules-vt
Public
Collection of YARA rules designed for usage through VirusTotal.com.
YARA
•
MIT License
•11•89•3•3•Updated Apr 4, 2024Apr 4, 2024
malware-samples
Public
A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net
malware malware-analysis malware-research
malware malware-analysis malware-research malware-samples
ActionScript
•
MIT License
•200•933•0•0•Updated Mar 26, 2024Mar 26, 2024
bincapz
Public
enumerate binary capabilities, including malicious behaviors
YARA
•
Apache License 2.0
•60•1•0•0•Updated Mar 20, 2024Mar 20, 2024
ThreatIngestor
Public
Extract and aggregate threat intelligence.
ioc osint dfir
ioc osint dfir threat-hunting malware-research misp threat-sharing threatintel yara threat-analysis
Python
•
GNU General Public License v2.0
•136•908•15•0•Updated Jan 31, 2024Jan 31, 2024
sandboxapi
Public
Minimal, consistent Python API for building integrations with malware sandboxes.
python library sandbox
python library sandbox api-client malware-analysis automated-analysis
Python
•
GNU General Public License v2.0
•40•143•0•0•Updated Jan 31, 2024Jan 31, 2024
yaradbg-backend
Public
Python
•
Apache License 2.0
•7•1•0•0•Updated Jan 8, 2024Jan 8, 2024
yaradbg-frontend
Public
JavaScript
•
Apache License 2.0
•8•0•0•0•Updated Jan 8, 2024Jan 8, 2024
microsoft-office-macro-clustering
Public
Jupyter Notebook
•
MIT License
•5•21•0•2•Updated Nov 7, 2023Nov 7, 2023
RFIQ-Card
Public
Recorded Future InQuest Labs Integration
Python
•
MIT License
•2•1•0•0•Updated Sep 14, 2023Sep 14, 2023
python-threatkb
Public
Python library and command-line tool for InQuest ThreatKB. (pre-release)
Python
•
GNU General Public License v2.0
•1•2•0•0•Updated Aug 17, 2023Aug 17, 2023
iqui-ngx
Public archive
Angular CDK based, Bootstrap styled components library
TypeScript
•
MIT License
•0•2•0•16•Updated Jul 11, 2023Jul 11, 2023
iq-cli
Public
InQuest Platform v3 CLI and Python Library
Python
•
GNU Lesser General Public License v2.1
•0•0•3•0•Updated Jun 29, 2023Jun 29, 2023
PackMyPayload
Public
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zi…
Python
•
MIT License
•164•3•0•0•Updated May 24, 2023May 24, 2023
ransomware_notes
Public
An archive of ransomware notes past and present
HTML
•
MIT License
•68•1•0•0•Updated May 22, 2023May 22, 2023
cyberchef-recipes
Public
A list of cyber-chef recipes and curated links
278•0•0•0•Updated Nov 6, 2022Nov 6, 2022
malwoverview
Public
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alie…
Python
•
GNU General Public License v3.0
•517•0•0•0•Updated Oct 31, 2022Oct 31, 2022
chepy
Public
Chepy is a python lib/cli equivalent of the awesome CyberChef tool.
Python
•
GNU General Public License v3.0
•60•0•0•0•Updated Aug 20, 2022Aug 20, 2022
restringer
Public
A Javascript Deobfuscator
JavaScript
•
MIT License
•54•0•0•0•Updated Jul 28, 2022Jul 28, 2022
binlex
Public
A Binary Genetic Traits Lexer Framework
C++
•
The Unlicense
•59•0•0•0•Updated May 25, 2022May 25, 2022
MalwareSourceCode
Public
Collection of malware source code for a variety of platforms in an array of different programming languages.
Assembly
•2k•2•0•0•Updated May 23, 2022May 23, 2022
yara-rules
Public
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
threat-hunting yara yara-rules
threat-hunting yara yara-rules yara-signatures
Python
•
MIT License
•54•390•1•0•Updated May 11, 2022May 11, 2022
malware_lure
Public
Collection of Malware Lures
10•2•0•0•Updated Oct 8, 2021Oct 8, 2021

ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

InQuest

All

All

56 repositories

ThreatKB

awesome-yara

.github

python-inquestlabs

suricata_exporter

md-insights-client-api

iocextract

omnibus

yara-rules-vt

malware-samples

bincapz

ThreatIngestor

sandboxapi

yaradbg-backend

yaradbg-frontend

microsoft-office-macro-clustering

RFIQ-Card

python-threatkb

iqui-ngx

iq-cli

PackMyPayload

ransomware_notes

cyberchef-recipes

malwoverview

chepy

restringer

binlex

MalwareSourceCode

yara-rules

malware_lure

All

All

Repositories list

56 repositories