Alternatives and similar repositories for rdphoney

Users that are interested in rdphoney are comparing it to the libraries listed below

• ohjeongwook / PowerShellRunBox
  Dynamic PowerShell Analysis Framework Based Upon PowerShell Debugging Functionality
  ☆83Updated 2 years ago
• RomanEmelyanov / CobaltStrikeForensic
  Toolset for research malware and Cobalt Strike beacons
  ☆211Updated 9 months ago
• kryptoslogic / rdppot
  RDP honeypot
  ☆68Updated 6 years ago
• nao-sec / tknk_scanner
  Community-based integrated malware identification system
  ☆82Updated 3 years ago
• sysopfb / malware_decoders
  Static based decoders for malware samples
  ☆94Updated 5 years ago
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆138Updated 5 years ago
• tstillz / webshell-scan
  Simple web shell scanner written in Golang.
  ☆89Updated 6 years ago
• 1d8 / macros
  ☆50Updated 5 years ago
• v1ado / HIPS_LIPS
  Community maintained list of most popular HIPS service and process names on a Windows Platform.
  ☆43Updated 3 years ago
• mitre-attack / joystick
  Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…
  ☆64Updated 2 years ago
• Lifars / gargamel
  A forensic evidence acquirer
  ☆86Updated 4 years ago
• tstillz / webshell-analyzer
  Web shell scanner and analyzer.
  ☆113Updated 2 years ago
• syriusbughunt / CVE-2019-0708
  PoC about CVE-2019-0708 (RDP; Windows 7, Windows Server 2003, Windows Server 2008)
  ☆39Updated 6 years ago
• denisugarte / PowerDrive
  A tool for de-obfuscating PowerShell scripts
  ☆71Updated 6 years ago
• zom3y3 / ssdc
  ssdeep cluster analysis for malware files
  ☆31Updated 5 years ago
• jipegit / IncidentsMindMaps
  Cybersecurity Incidents Mind Maps
  ☆34Updated 4 years ago
• darmado / Atomic-Red-Team-C2
  ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…
  ☆177Updated 3 months ago
• vysecurity / CobaltSplunk
  Splunk Dashboard for CobaltStrike logs
  ☆90Updated 4 years ago
• homjxi0e / LOLBAS222
  APT || Execution || Launch || APTs || ( Authors harr0ey, bohops )
  ☆110Updated 7 years ago
• Ice3man543 / MalScan
  A Simple PE File Heuristics Scanners
  ☆52Updated 6 years ago
• ashemery / CuckooVM
  Cuckoo running in a nested hypervisor
  ☆128Updated 5 years ago
• mnemonic-no / dnscache
  Volatility memory forensics plugin for extracting Windows DNS Cache
  ☆29Updated 8 years ago
• rapid7 / rex-powershell
  Rex library for dealing with Powershell Scripts
  ☆53Updated 4 months ago
• nccgroup / pybeacon
  A collection of scripts for dealing with Cobalt Strike beacons in Python
  ☆169Updated 4 years ago
• matthewdunwoody / POSHSPY
  POSHSPY backdoor code
  ☆45Updated 8 years ago
• Arno0x / TCPRelayInjecter
  Tool for injecting a "TCP Relay" managed assembly into unmanaged processes
  ☆117Updated 6 years ago
• bro / bro-osquery
  Bro integration with osquery
  ☆15Updated 2 years ago
• brakmic / Sinkholes
  Malware Sinkhole List in various formats
  ☆102Updated 3 years ago
• geek-repo / C2-Blockchain
  This is a concept poc of command and control server implemented over blockchain
  ☆54Updated 6 years ago
• Dankirk / RegSLScan
  A tool for scanning registery key permissions. Find where non-admins can create symbolic links.
  ☆45Updated 6 years ago