DISREL / Conti-Leaked-Playbook-TTPs
MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
☆41 · Oct 25, 2021 · Updated 4 years ago
Alternatives and similar repositories for Conti-Leaked-Playbook-TTPs
Users that are interested in Conti-Leaked-Playbook-TTPs are comparing it to the libraries listed below
- ☆13 · Jul 30, 2021 · Updated 4 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆59 · Dec 15, 2023 · Updated 2 years ago
- ☆32 · Apr 24, 2022 · Updated 3 years ago
- Short Python script for parsing Defender VDM signature files. ☆10 · Sep 22, 2024 · Updated last year
- Tomcat backdoor based on CS blog ☆29 · Jun 30, 2023 · Updated 2 years ago
- ☆16 · Aug 25, 2025 · Updated 5 months ago
- Parsers for common structures across windows formats. ☆12 · Aug 23, 2023 · Updated 2 years ago
- Silent Cleanup UAC Bypass POC ☆11 · Dec 15, 2019 · Updated 6 years ago
- Wrapper for TSK (Sleuth Kit) Bindings ☆12 · Jan 10, 2023 · Updated 3 years ago
- Help deobfuscate VBScript ☆18 · Jul 1, 2022 · Updated 3 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- ☆29 · May 10, 2024 · Updated last year
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆14 · Jan 9, 2023 · Updated 3 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022 ☆53 · Apr 8, 2022 · Updated 3 years ago
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes. ☆12 · Jan 31, 2025 · Updated last year
- ☆11 · Mar 12, 2021 · Updated 4 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike. ☆28 · Apr 12, 2020 · Updated 5 years ago
- A Canary which fires when uninstalled ☆34 · Mar 16, 2021 · Updated 4 years ago
- A bootkit to bypass Windows login (WIP) ☆10 · Oct 25, 2023 · Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump ☆24 · Jul 6, 2023 · Updated 2 years ago
- A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB ☆18 · Mar 15, 2024 · Updated last year
- Indicators of Normality ☆11 · Jul 22, 2022 · Updated 3 years ago
- C# DInvoke Shellcode Runner ☆31 · Feb 10, 2025 · Updated last year
- Hive v5 file decryption algorithm ☆34 · Nov 28, 2022 · Updated 3 years ago
- Detection Engineering Tools ☆20 · Feb 9, 2026 · Updated last week
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- Situational Awareness script to identify how and where to run implants ☆67 · Dec 6, 2024 · Updated last year
- ☆12 · Feb 2, 2025 · Updated last year
- POCs to test Vlang in cybersecurity aspects. ☆37 · Dec 29, 2022 · Updated 3 years ago
- Utilities for Pentesting with BloodHound ☆22 · Dec 10, 2025 · Updated 2 months ago
- Code injection is a technique where a process can insert a part of or all of its code from its own running process into another target pr… ☆14 · Jun 15, 2023 · Updated 2 years ago
- Sources Codes of many Office Malwares ☆17 · Sep 4, 2022 · Updated 3 years ago
- ☆10 · Nov 3, 2021 · Updated 4 years ago
- Corporative registry worldwide catalog. 63 countries ☆16 · Jun 24, 2022 · Updated 3 years ago
- ☆13 · Jul 15, 2021 · Updated 4 years ago
- ☆94 · May 14, 2022 · Updated 3 years ago
- Running .NET from VBA ☆149 · Feb 11, 2023 · Updated 3 years ago
- POC for frustrating/defeating Malware Analysts ☆158 · Jun 12, 2022 · Updated 3 years ago