Alternatives and similar repositories for adversaryemulation-gems

Users that are interested in adversaryemulation-gems are comparing it to the libraries listed below

• whichbuffer / Lockbit-Black-3.0
  ☆25Updated 3 years ago
• peasead / windows-sandbox-to-elastic
  Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
  ☆50Updated 2 years ago
• sourcefrenchy / DEFCON-30---Exotic-Data-Exfiltration
  Slides from my talk at the Adversary Village, Defcon 30
  ☆29Updated 3 years ago
• ZephrFish / SandboxSpy
  Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…
  ☆21Updated 2 months ago
• Gr1mmie / WMIEnum
  WMI SA stuffs
  ☆30Updated 3 years ago
• NexusFuzzy / raccoon_config
  Scans a list of raccoon servers from Tria.ge and extracts the config
  ☆15Updated 2 years ago
• 3ndG4me / AgentSmith
  Golang C2 Agent PoC utilizing web and social media paltforms to issue command and control and pasting results to PasteBin
  ☆17Updated 5 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆39Updated 4 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆31Updated 3 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆45Updated 2 years ago
• f0wl / blackCatConf
  Configuration Extractor for BlackCat Ransomware
  ☆30Updated 3 years ago
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆28Updated 2 years ago
• whichbuffer / Antidebug
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆13Updated 3 years ago
• Neo23x0 / yara-uuid-generator
  A tool that adds reproducible UUIDs to YARA rules
  ☆13Updated last year
• airbus-seclab / nbutools
  Tools for offensive security of NetBackup infrastructures
  ☆42Updated 2 years ago
• DidierStevens / FalsePositives
  Tools that trigger False Positive AV alerts
  ☆53Updated 10 months ago
• CyberSecurityUP / Physical-PenTest-Methodology
  Basic guide for performing a Physical PenTest - Nist 800-12, 800-53, 800-115, 800-152
  ☆22Updated 2 years ago
• moohax / RedML
  Collection of red machine learning projects
  ☆41Updated 4 years ago
• HuskyHacks / RustyTokenManipulation
  just manipulatin these here tokens yes sir nothing weird
  ☆22Updated 3 years ago
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆53Updated 2 years ago
• Cobalt-Strike / ZeroLogon-BOF
  ☆12Updated 5 years ago
• MythicAgents / freyja
  Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.
  ☆61Updated last year
• epi052 / rustdsplit
  At some point, I learned about a method to perform a binary search on a file in order to identify its AV signature and change it to bypas…
  ☆35Updated 5 years ago
• antman1p / freyja
  Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.
  ☆44Updated last year
• shantanu561993 / Awesome_Firebase_DomainFront
  Firebase Domain Front Code
  ☆21Updated 4 years ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆22Updated last year
• danielwolfman / Invoke-WordThief
  This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.doc…
  ☆33Updated 5 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆23Updated 4 years ago
• qsecure-labs / Sp00fer
  Sp00fer blog post -
  ☆25Updated 3 years ago
• danzek / awesome-lol-commonly-abused
  Awesome list of Living off the Land (LOL) methods, tools, and features commonly abused by attackers
  ☆31Updated 7 months ago