MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
☆41 · Oct 25, 2021 · Updated 4 years ago
Alternatives and similar repositories for Conti-Leaked-Playbook-TTPs
Users that are interested in Conti-Leaked-Playbook-TTPs are comparing it to the libraries listed below
- ☆13 · Jul 30, 2021 · Updated 4 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable · ☆60 · Dec 15, 2023 · Updated 2 years ago
- ☆32 · Apr 24, 2022 · Updated 3 years ago
- Short Python script for parsing Defender VDM signature files. · ☆10 · Sep 22, 2024 · Updated last year
- Tomcat backdoor based on CS blog · ☆29 · Jun 30, 2023 · Updated 2 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" · ☆11 · Feb 6, 2025 · Updated last year
- Wrapper for TSK (Sleuth Kit) Bindings · ☆12 · Jan 10, 2023 · Updated 3 years ago
- Silent Cleanup UAC Bypass POC · ☆11 · Dec 15, 2019 · Updated 6 years ago
- ☆16 · Aug 25, 2025 · Updated 6 months ago
- Parsers for common structures across windows formats. · ☆12 · Aug 23, 2023 · Updated 2 years ago
- Help deobfuscate VBScript · ☆18 · Jul 1, 2022 · Updated 3 years ago
- ☆29 · May 10, 2024 · Updated last year
- ☆11 · Mar 12, 2021 · Updated 4 years ago
- A python tool to generate an Excel file linking the list of cracked accounts and their LDAP attributes. · ☆12 · Jan 31, 2025 · Updated last year
- NTFS Security Descriptor Stream ($Secure:$SDS) parser · ☆14 · Jan 9, 2023 · Updated 3 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022 · ☆53 · Apr 8, 2022 · Updated 3 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike. · ☆28 · Apr 12, 2020 · Updated 5 years ago
- A Canary which fires when uninstalled · ☆34 · Mar 16, 2021 · Updated 4 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump · ☆24 · Jul 6, 2023 · Updated 2 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. · ☆12 · Dec 28, 2021 · Updated 4 years ago
- A bootkit to bypass Windows login (WIP) · ☆10 · Oct 25, 2023 · Updated 2 years ago
- Indicators of Normality · ☆11 · Jul 22, 2022 · Updated 3 years ago
- C# DInvoke Shellcode Runner · ☆31 · Feb 10, 2025 · Updated last year
- Hive v5 file decryption algorithm · ☆34 · Nov 28, 2022 · Updated 3 years ago
- ☆12 · Feb 2, 2025 · Updated last year
- A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB · ☆19 · Mar 15, 2024 · Updated last year
- LNK to JSON · ☆14 · Mar 7, 2019 · Updated 7 years ago
- Situational Awareness script to identify how and where to run implants · ☆68 · Dec 6, 2024 · Updated last year
- POCs to test Vlang in cybersecurity aspects. · ☆38 · Dec 29, 2022 · Updated 3 years ago
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports. · ☆24 · Jan 15, 2026 · Updated last month
- Corporative registry worldwide catalog. 63 countries · ☆16 · Jun 24, 2022 · Updated 3 years ago
- ☆13 · Jul 15, 2021 · Updated 4 years ago
- ☆10 · Nov 3, 2021 · Updated 4 years ago
- Sources Codes of many Office Malwares · ☆17 · Sep 4, 2022 · Updated 3 years ago
- Utilities for Pentesting with BloodHound · ☆22 · Feb 20, 2026 · Updated 2 weeks ago
- Code injection is a technique where a process can insert a part of or all of its code from its own running process into another target pr… · ☆14 · Jun 15, 2023 · Updated 2 years ago
- ☆94 · May 14, 2022 · Updated 3 years ago
- Running .NET from VBA · ☆148 · Feb 11, 2023 · Updated 3 years ago
- POC for frustrating/defeating Malware Analysts · ☆156 · Jun 12, 2022 · Updated 3 years ago