CodeXTF2 / cobaltstrike-sleepmask-yara
Just a git repo for the sleepmask detection rule I found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-strike/sleep-mask-kit-iocs
☆16 · Jun 4, 2025 · Updated 8 months ago
Alternatives and similar repositories for cobaltstrike-sleepmask-yara
Users that are interested in cobaltstrike-sleepmask-yara are comparing it to the libraries listed below
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers ☆18 · Mar 19, 2025 · Updated 10 months ago
- BOF to terminate a process via PID as argument ☆28 · Sep 7, 2025 · Updated 5 months ago
- Ansible Role for Ludus to provision or remove a device to/from a Tailnet. ☆13 · Dec 5, 2025 · Updated 2 months ago
- ☆15 · May 30, 2025 · Updated 8 months ago
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts… ☆13 · Oct 27, 2024 · Updated last year
- Azure Offensive Library ☆17 · Oct 18, 2025 · Updated 3 months ago
- ☆13 · Jul 30, 2021 · Updated 4 years ago
- A small go tool to upload JSON files to the BloodHound community edition API ☆30 · May 29, 2024 · Updated last year
- EDR/AV Simulation for Malware Development ☆13 · Oct 21, 2023 · Updated 2 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC ☆13 · Mar 17, 2022 · Updated 3 years ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission… ☆18 · Oct 31, 2024 · Updated last year
- A simple BOF that disables some logging with NtSetInformationProcess ☆13 · Oct 13, 2023 · Updated 2 years ago
- Repository for Ludus french templates ☆21 · Jan 17, 2026 · Updated 3 weeks ago
- Parser and reconciliation tooling for large Active Directory environments. ☆33 · Feb 18, 2025 · Updated 11 months ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay. ☆15 · Jun 24, 2021 · Updated 4 years ago
- SACL Scanner is a tool designed to scan and analyze SACLs. ☆50 · Feb 13, 2025 · Updated last year
- ☆113 · Oct 10, 2022 · Updated 3 years ago
- ☆15 · May 10, 2020 · Updated 5 years ago
- ELF Beacon Object File (BOF) Template ☆19 · Nov 18, 2024 · Updated last year
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure ☆15 · Jan 23, 2025 · Updated last year
- Docker container for running CobaltStrike 4.10 ☆38 · Sep 18, 2024 · Updated last year
- Small tool to play with IOCs caused by Imageload events ☆44 · May 14, 2023 · Updated 2 years ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm ☆18 · Sep 18, 2024 · Updated last year
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly ☆15 · Jul 15, 2021 · Updated 4 years ago
- Self delete DLL (2) ☆14 · Feb 15, 2024 · Updated 2 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption. ☆17 · Jan 6, 2024 · Updated 2 years ago
- ☆15 · Apr 29, 2023 · Updated 2 years ago
- ☆42 · Feb 18, 2025 · Updated 11 months ago
- Vectored Exception Handling Squared ☆29 · Dec 27, 2025 · Updated last month
- A BOF for lazy people ☆23 · Apr 4, 2024 · Updated last year
- ADSI based SA tool ☆17 · Apr 9, 2022 · Updated 3 years ago
- Storage for practice projects; currently contains GetWeChatBOF ☆19 · Jul 26, 2023 · Updated 2 years ago
- ☆26 · Nov 25, 2025 · Updated 2 months ago
- Ansible roles to deploy RedELK ☆23 · Feb 15, 2023 · Updated 3 years ago
- PackageSpy is a versatile command-line tool designed to simplify the process of searching for packages on two popular package managers ☆22 · Jun 19, 2024 · Updated last year
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai… ☆75 · Oct 27, 2025 · Updated 3 months ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning ☆137 · Dec 7, 2025 · Updated 2 months ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code ☆24 · Mar 13, 2023 · Updated 2 years ago
- ☆37 · Nov 25, 2025 · Updated 2 months ago