Alternatives and similar repositories for Conti-Leaked-Playbook-TTPs:

Users that are interested in Conti-Leaked-Playbook-TTPs are comparing it to the libraries listed below

• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆56Updated 2 years ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆52Updated 11 months ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆67Updated 10 months ago
• rvrsh3ll / DInjector
  Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
  ☆21Updated 2 years ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 2 years ago
• 0xNinjaCyclone / IATUnhooker
  IAT Unhooking proof-of-concept
  ☆29Updated last year
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 9 months ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆37Updated 2 years ago
• duckbillsecurity / pdf-smuggler
  Create PDFs with HTML smuggling attachments that save on opening the document.
  ☆29Updated last year
• Helixo32 / DetectHooks
  Detect userland hooks placed by AV/EDR
  ☆27Updated last year
• BlackSnufkin / CheckPlz
  Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.
  ☆16Updated 4 months ago
• ps1337 / Lastenzug
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Updated 2 years ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 2 years ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• naksyn / talks
  Repo containing my public talks
  ☆23Updated last year
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆62Updated 3 years ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆49Updated 3 years ago
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆56Updated 2 years ago
• MythicC2Profiles / discord
  Discord C2 Profile for Mythic
  ☆28Updated 2 months ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• ScriptIdiot / SysmonQuiet
  RDLL for Cobalt Strike beacon to silence sysmon process
  ☆88Updated 2 years ago
• 4ndr34z / prenum
  ☆27Updated last year
• MythicAgents / leviathan
  ☆17Updated 5 months ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• AssuranceMaladieSec / FoxTerrier
  Python tool to find vulnerable AD object and generating csv report
  ☆26Updated 2 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆62Updated last year
• pgormanDS / hash_spider
  A module for CME that spiders across a domain.
  ☆35Updated 2 years ago
• EspressoCake / Process_Protection_Level_BOF
  ☆58Updated 3 years ago