Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Malware Sample Sources

Bringing you the best of the worst files on the Internet.

🧬 Mitre Interactive Network Graph (APTs, Malware, Tools, Techniques & Tactics)

Extracting Attack Behavior from Threat Reports

Collaborative malware exchange repository.

Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, ProjectSauron, APT29, EquationGroup, including Stuxnet / Flame.

UPDATED 2022 Flame malware sourcecode available !! Forked. I will later provide my sample of Flame, Duqu and Gauss.

A curated malware database with more then +73000 samples.

Advanced Persistent Bot, or APBot, is an AI chatbot that provides information on advanced persistent threat (APT) groups.

APT Groups and Operations (https://apt.threattracking.com) in SQL

An Advanced Persistent Threat Simulation Example under Loki Detection. Forked from

Unsupervised Analysis Framework for Heterogenous Log-Files (Patterns Extractor)

Materials from the Masterclass I presented on the Off By One Security channel, hosted by Stephen Sims. The sessions covered how to develop and deploy rootkits and included an APT-style emulation demonstrating how such malware can be used operationally.

A technical study about an APT campaign targeting french entities in the construction, real estate and government industries during march 2022, one month before the french presidential elections.

Advanced Red Team C2 Framework written in Rust & Python.

ADEO APT38 Lazarus Threat Analysis Report

ADEO APT10 Threat Analysis Report