DfirJos / CnC-detection
Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation
☆15Aug 17, 2018Updated 7 years ago
Alternatives and similar repositories for CnC-detection
Users that are interested in CnC-detection are comparing it to the libraries listed below
- ☆11Apr 23, 2019Updated 6 years ago
- Environments, exploitation tools and analysis for some vulnerabilities☆10Jul 24, 2020Updated 5 years ago
- Woodpecker framework Tomcat vulnerability library☆15May 23, 2021Updated 4 years ago
- A Cobaltstrike container, built for Warhorse☆40Aug 8, 2024Updated last year
- ☆14Oct 25, 2019Updated 6 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Jul 6, 2019Updated 6 years ago
- This tool is designed to simplify and automate the extraction and organization of useful data from Cobalt Strike logs.☆18Apr 24, 2019Updated 6 years ago
- Data Exfiltration via HTTP Traffic (C# and Shell Script)☆17Jun 5, 2023Updated 2 years ago
- A set of zeek scripts providing a module for tracking and correlating abnormal DNS behavior.☆36Jan 4, 2025Updated last year
- A utility for password spraying using kerberos from an untrusted/non-domain joined Kali linux host. Useful for user and KDC/DC enumeratio…☆19Oct 28, 2023Updated 2 years ago
- Obfuscated Powershell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is…☆18Nov 8, 2017Updated 8 years ago
- Packer and vagrant scripts to automate building Windows and Linux machines on vCenter☆17Jul 7, 2019Updated 6 years ago
- WireShark URI Decode LUA Plugin☆20Nov 7, 2018Updated 7 years ago
- ☆17Jan 3, 2021Updated 5 years ago
- ☆45Jul 12, 2018Updated 7 years ago
- An Interactive Pcap Editor (based on Scapy)☆23Oct 11, 2020Updated 5 years ago
- ☆18Dec 24, 2018Updated 7 years ago
- A Windows Remote Administration Tool in Visual Basic with UNC paths☆23Apr 19, 2019Updated 6 years ago
- traefik fronted c2 examples☆25Dec 6, 2020Updated 5 years ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆27Sep 29, 2021Updated 4 years ago
- LAPS module for CrackMapExec☆29Oct 20, 2021Updated 4 years ago
- CVE-2020-3452 exploit☆24Aug 1, 2020Updated 5 years ago
- Mapping of Binaries that allows Arbitrary Code Execution☆26May 10, 2018Updated 7 years ago
- Attempt to recover garbled text☆21Feb 3, 2021Updated 5 years ago
- Domain fronting using Google app engine☆53Feb 19, 2018Updated 7 years ago
- Chrome Crusader☆24Jun 19, 2019Updated 6 years ago
- ☆53Mar 4, 2019Updated 6 years ago
- fix time for java application using javaAgent☆24Dec 3, 2017Updated 8 years ago
- A sample bot for Cobalt Strike 3☆22Jun 11, 2016Updated 9 years ago
- Metasploit module for massive Denial of Service using #Bluekeep vector.☆25Oct 1, 2019Updated 6 years ago
- An example of a downloader written in NodeJS.☆24Apr 17, 2021Updated 4 years ago
- Aggressor Script to launch IE driveby for CVE-2018-15982.☆29Dec 7, 2019Updated 6 years ago
- 17 Suricata IDS rules for detecting Cobalt Strike☆69Jun 20, 2022Updated 3 years ago
- Script that searches through all COM objects for any methods containing a key word of your choosing.☆74Feb 28, 2020Updated 5 years ago
- A collection of useful radare2 scripts!☆32Feb 2, 2018Updated 8 years ago
- ☆28Dec 28, 2017Updated 8 years ago
- ☆67Dec 24, 2021Updated 4 years ago
- A Python script that runs a machine learning analysis on data from RaiGames.io to predict the next crash.☆11Jun 21, 2022Updated 3 years ago
- A Silent Miner that mines Crypto - XMR and ETH☆16Feb 5, 2023Updated 3 years ago