BushidoUK / Abused-Legitimate-Services
Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
☆57Updated last year
Related projects: ⓘ
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- ☆40Updated 5 months ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated 10 months ago
- ☆25Updated 3 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆48Updated last year
- Bloodhound Portable for Windows☆51Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆86Updated last year
- ☆37Updated 2 years ago
- ShellSweeping the evil.☆49Updated 3 months ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆65Updated 2 years ago
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"☆50Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- Carbon Black Response IR tool☆53Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆29Updated 2 months ago
- A visualized overview of the Initial Access Broker (IAB) cybercrime landscape☆107Updated 2 years ago
- nse script to inject jndi payloads☆45Updated 2 years ago
- Threat Hunt Investigation Methodology and Procedure☆14Updated 2 years ago
- ☆17Updated this week
- Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.☆47Updated 9 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆65Updated 2 years ago
- ☆59Updated 3 years ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆74Updated 2 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆64Updated 2 years ago
- This script is a multi-threaded Okta password sprayer.☆66Updated 8 months ago
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆38Updated last year
- Ransomware Simulator for testing Blue Team Detections☆34Updated 2 years ago
- Reads and prints information from the website MalAPI.io☆38Updated 2 years ago
- Yara Rules for Modern Malware☆68Updated 6 months ago
- SMBMap is a handy SMB enumeration tool - here with Kerberos support☆74Updated 2 years ago
- Triaging Windows event logs based on SANS Poster☆37Updated last year