Droogy / Malware-Study
A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware.
☆14Updated 3 years ago
Alternatives and similar repositories for Malware-Study:
Users that are interested in Malware-Study are comparing it to the libraries listed below
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆17Updated 3 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 4 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- Tradecraft Development Fundamentals☆40Updated 3 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 3 years ago
- Service Enumeration C# .NET Assembly☆59Updated 3 years ago
- ☆13Updated last year
- Log converter from CS log to Ghostwriter CSV☆29Updated 4 years ago
- ☆15Updated 3 years ago
- The repository accompanying the Buer Emulation workshop☆23Updated 3 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆33Updated 3 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆46Updated 3 years ago
- ☆41Updated 2 years ago
- Post-exploitation tool for attacking Active Directory domain controllers☆17Updated 2 years ago
- ☆12Updated 5 years ago
- Spin up RedTeam infrastructure on AWS via Ansible☆59Updated 4 years ago
- ansible roles to download and install empire (BC-Security),deathstar(byt3bl33der) and starkiller (BC-Security)☆23Updated 2 years ago
- ☆47Updated 4 years ago
- Timestomping module: overwrite file create/modify times in .NET (no pinvoke)☆24Updated 3 years ago
- An Ansible role to install cobalt-strike�☆16Updated 4 years ago
- SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.☆25Updated last year
- Bypass Constrained Language Mode in PowerShell☆27Updated 5 years ago
- A more obfuscated CactusTorch targeted towards office☆32Updated 3 years ago
- A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…☆19Updated 2 years ago
- rustyIron is a tool that takes advantage of functionality within Ivanti's MobileIron MDM solution to perform single-factor authentication…☆43Updated 3 years ago
- Walking the PEB in VBA☆22Updated 4 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆27Updated 5 years ago
- Zoom Persistence Aggressor and Handler☆54Updated 3 years ago