DiabloHorn / yara4pentesters
rules to identify files containing juicy information like usernames, passwords etc
☆122Updated 6 years ago
Related projects: ⓘ
- Mitre Att&ck Technique Emulation☆82Updated 5 years ago
- ☆76Updated 6 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆71Updated 2 years ago
- This is a logon script used to detect the theft of credentials by tools such as Mimikatz☆116Updated 9 years ago
- ☆28Updated this week
- ☆85Updated this week
- PortPlow is a distributed port and system scanning & enumeration service. It enables the quick and automated enumeration of ports and ser…☆53Updated 6 years ago
- ☆35Updated this week
- PowerShell No Agent Hunting☆107Updated 6 years ago
- Simulating Adversary Operations☆93Updated 6 years ago
- Powershell Empire Persistence finder☆116Updated 7 years ago
- Sandbox feature upgrade with the help of wrapped samples☆75Updated 6 years ago
- Tools for the Computer Incident Response Team☆141Updated 7 years ago
- CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.☆36Updated 6 years ago
- Repository for my ATT&CK analysis research.☆68Updated 5 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆47Updated 6 years ago
- Slides from my talk in "Hackinparis" 2019 edition☆89Updated 5 years ago
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/☆69Updated 6 years ago
- SEC599 supporting GitHub repository☆14Updated 5 years ago
- A curated list of tools, papers and techniques for Windows exploitation and incident response.☆40Updated 8 years ago
- Valhalla API Client☆62Updated last year
- ☆133Updated this week
- PowerGRR is an API client library in PowerShell working on Windows, Linux and macOS for GRR automation and scripting.☆56Updated 2 years ago
- ☆59Updated 5 years ago
- Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool☆91Updated 8 years ago
- A collection of files for adding and leveraging custom properties in BloodHound.☆181Updated 4 years ago
- Mystique may be used to discover infection markers that can be used to vaccinate endpoints against malware. It receives as input a malici…☆80Updated 6 years ago
- A toolkit for Security Researchers☆124Updated 5 years ago
- A companion tool for BloodHound offering Active Directory statistics and number crunching☆63Updated 6 years ago
- Slides from various talks that I've given over the years☆117Updated last year