SkillAgentSearch skills...

Ransomware.live

šŸ“ā€ā˜ ļøšŸ’° Another Ransomware gang tracker

GenerateConvertImprove

Install / Use

/learn @JMousqueton/Ransomware.live
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

Ransomware.live Logo

Ransomware.live

Ransomware.live is originally a fork of ransomwatch.
It is a ransomware leak site monitoring tool that scrapes entries from various ransomware leak sites and publishes them.

šŸ”— GitHub repository: https://github.com/JMousqueton/ransomware.live

Ransomware.live handles data collection, parsing, enrichment, and automation to maintain the database.

šŸ“Œ Features

  • Automated scraping of ransomware leak sites (including .onion domains via Tor)
  • Integration with Hudson Rock for infostealer data via a Telegram bot
  • Data management tools for victims and groups
  • Image capture of leak site posts with watermarking, metadata, and optional face blurring
  • Notifications via ntfy and Bluesky servers
  • Environment-based configuration via .env

šŸ“‚ Repository Structure

ransomwarelive/
ā”‚
ā”œā”€ā”€ bin/                  # Core Python scripts and libraries
|   ā”œā”€ā”€ _parser/          # All parsers 
ā”‚   ā”œā”€ā”€ libcapture.py     # Capture victim/group screenshots
ā”‚   ā”œā”€ā”€ hudsonrockapi.py  # Hudson Rock API integration via Telegram bot
ā”‚   ā”œā”€ā”€ parse.py          # Parse collected data into structured formats
ā”‚   ā”œā”€ā”€ scrape.py         # Main scraping engine
ā”‚   ā”œā”€ā”€ manage.py         # Management CLI
ā”‚   ā”œā”€ā”€ shared_utils.py   # Shared helper functions
ā”‚   ā”œā”€ā”€ victims-browser.py# Victim data viewer
ā”‚   ā”œā”€ā”€ status.py         # System health and process status
ā”‚   ā”œā”€ā”€ rsslib.py         # (Optional) RSS feed generation
ā”‚   ā””ā”€ā”€ requirements.txt  # Python dependencies
ā”‚
ā”œā”€ā”€ images/               # Static assets & watermarks
ā”œā”€ā”€ db/                   # Local databases (JSON)
ā”œā”€ā”€ tmp/                  # Temporary working files
ā””ā”€ā”€ .env.sample           # Example environment configuration


---

## āš™ļø Installation

### 1. Clone the Repository
```bash
git clone https://github.com/JMousqueton/ransomware.live.git
cd ransomwarelive

2. Create a Virtual Environment

python3 -m venv venv
source venv/bin/activate

3. Install Dependencies

pip install -r bin/requirements.txt

4. Configure Environment

Copy the example .env file and edit it with your configuration:

cp .env.sample .env
nano .env

šŸš€ Usage

Start Scraping

cd bin
python scrape.py

Parse Collected Data

cd bin
python parse.py

Manage Data

cd bin
python manage.py --help

šŸ›”ļø Requirements

  • Python 3.9+
  • Tor service running locally for .onion access
  • Telegram bot credentials (used to query Hudson Rock for infostealer data)
  • ntfy server credentials (for notifications)
  • Bluesky server credentials (for notifications)
  • Unix-based environment (Linux/macOS) recommended

šŸ“œ License

This project is licensed under the unlicense License**.
See the LICENSE file for details.

āš ļø Disclaimer

This project is for research and educational purposes only.
Do not use it for unauthorized access to systems or data.
The maintainers take no responsibility for misuse of the code.

This project is only the parsing and scraping, not the website.

šŸ¤ Contributing

Contributions are welcome!
Please open an issue or submit a pull request to suggest improvements or add new features.

Maintainer: Julien Mousqueton
Website: https://ransomware.live

JMousqueton

View profile

View on GitHub
GitHub Stars313
CategoryDevelopment
Updated2d ago
Forks65
JMousqueton/ransomware.live

Languages

Python

Security Score

100/100

Audited on Mar 30, 2026

No findings