2igosha / sunburst_dga
☆22Updated 4 years ago
Alternatives and similar repositories for sunburst_dga:
Users that are interested in sunburst_dga are comparing it to the libraries listed below
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆29Updated 8 years ago
- various slides and presentations I've worked on☆18Updated last month
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Useful Windows and AD tools☆15Updated 3 years ago
- ☆12Updated 3 years ago
- ☆14Updated 6 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- s3eker is an extensible way to find open S3 buckets.☆17Updated 4 years ago
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 5 years ago
- LetMeOutOfYour.net Resources☆20Updated 4 years ago
- parsers to make life easier☆13Updated 4 years ago
- Speaking materials from conferences I've given☆9Updated 2 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆30Updated 6 years ago
- Forked and updated with some additional features over the original☆17Updated 4 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Updated 6 years ago
- An extendable tool to extract and aggregate IoCs from threat feeds☆33Updated last year
- Docker projects to retain beacon source IPs using C2 relaying infra☆11Updated 6 years ago
- Proof of concept communications from C# via a web browser process☆21Updated 6 years ago
- Exfiltration based on custom X509 certificates☆26Updated last year
- Repository for scripts and tips for "Yara Scan Service"☆20Updated 2 years ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 5 years ago
- Do the unexpected with AD GPO processing☆9Updated 6 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file☆12Updated 8 years ago
- The Multiplatform Linux Sandbox☆15Updated last year
- just manipulatin these here tokens yes sir nothing weird☆22Updated 3 years ago
- CVE-2018-18368 SEP Manager EoP Exploit☆17Updated 5 years ago
- C# User Simulation☆32Updated 2 years ago
- \ PowerAvails Powershell /☆12Updated 6 years ago
- A rogue DNS detector☆23Updated last year