DidierStevens / Beta
Beta versions of my software
☆249Updated last year
Alternatives and similar repositories for Beta:
Users that are interested in Beta are comparing it to the libraries listed below
- Code and yara rules to detect and analyze Cobalt Strike☆265Updated 3 years ago
- Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)☆576Updated 10 months ago
- Detect and respond to Cobalt Strike beacons using ETW.☆487Updated 2 years ago
- Plugins I've written for Volatility☆200Updated last year
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆253Updated last year
- ☆1,047Updated last year
- c2 traffic☆189Updated 2 years ago
- ☆197Updated 4 months ago
- ☆448Updated 3 years ago
- PowerShell script for deobfuscating encoded PowerShell scripts☆424Updated 4 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆906Updated 3 years ago
- IOC from articles, tweets for archives☆313Updated last year
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.☆243Updated 2 years ago
- A repository that maps commonly used attacks using MSRPC protocols to ATT&CK☆320Updated last year
- RDP Bitmap Cache parser☆510Updated last month
- Live forensic artifacts collector☆165Updated 8 months ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆168Updated 4 years ago
- ☆537Updated last year
- ☆301Updated 4 years ago
- Parses amcache.hve files, but with a twist!☆130Updated 2 months ago
- Lnk Explorer Command line edition!!☆290Updated 2 months ago
- Evade sysmon and windows event logging☆615Updated 4 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆150Updated 3 years ago
- Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …☆449Updated 2 years ago
- A modular C2 framework☆434Updated last month
- Setup scripts for my Malware Analysis VMs☆252Updated 3 years ago
- Tool Analysis Result Sheet☆347Updated 7 years ago
- Tool based on CobaltStrikeParser from SentinelOne which can be used to spam a CobaltStrike server with fake beacons☆367Updated 3 years ago
- Volatility plugins developed and maintained by the community☆355Updated 3 years ago
- ☆275Updated last year