LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. This project gathers procedural examples from public reports of adversarial activities targeting ESXi hosts
Practical DFIR and incident response playbooks covering phishing, malware, ransomware, insider threats, and cloud security incidents for SOC and IR teams.
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
Performed deep static analysis using tools like HxD, Cmder, HashCalc, BinText, XorSearch, FLOSS, UPX, and PEStudio to extract strings, identify file structure, detect obfuscation, and reveal indicators of compromise.
🛡️ BLACKSHIELD - Enterprise Threat Intelligence Database. 276K+ malicious IPs, 11K+ CIDR ranges, 4.5K+ malicious ASNs from 233+ threat feeds. Automated C2 tracking, ransomware blocklist, Tor exit nodes, VPN/proxy IPs, enemy nation ranges, and bulletproof hosting detection.
Threat hunting and detection engineering project focused on Akira ransomware tradecraft, ATT&CK mapping, telemetry analysis, and behavioral Sigma rule development.
GNAT’s Not Another TIP
Add a description, image, and links to the threatresearch topic page so that developers can more easily learn about it.
To associate your repository with the threatresearch topic, visit your repo's landing page and select "manage topics."