H4NM / WhoYouCalling
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
☆372, updated 3 weeks ago
Alternatives and similar repositories for WhoYouCalling:
Users who are interested in WhoYouCalling are comparing it to the libraries listed below:
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms. ☆315, updated 5 months ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain. ☆368, updated 2 months ago
- ScriptSentry finds misconfigured and dangerous logon scripts. ☆485, updated 3 months ago
- PowerShell tools to help defenders hunt smarter, hunt harder. ☆331, updated 3 weeks ago
- Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an… ☆892, updated last week
- Nuke It From Orbit - remove AV/EDR with physical access. ☆257, updated 3 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… ☆167, updated last month
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR. ☆609, updated 3 weeks ago
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID. ☆451, updated last week
- Assess the security of your Active Directory with few or all privileges. ☆305, updated 2 weeks ago
- An ADCS honeypot to catch attackers in your internal network. ☆284, updated 9 months ago
- A GUI and CLI tool for removing bloat from executables. ☆387, updated 2 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… ☆270, updated last week
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD). ☆391, updated 6 months ago
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. ☆192, updated 2 months ago
- PowerShell Digital Forensics & Incident Response Scripts. ☆589, updated last month
- Active Directory delegation management tool. ☆292, updated last year
- A small tool built to find and fix common misconfigurations in Active Directory Certificate Services. ☆1,061, updated this week
- PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains… ☆767, updated last month
- Python tool to check rootkits in Windows kernel. ☆195, updated last month
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI. ☆668, updated last month
- Analyze pcaps with Zeek and a Grafana Dashboard. ☆174, updated 10 months ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. ☆272, updated 7 months ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac… ☆147, updated 6 months ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and … ☆262, updated 2 months ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C… ☆250, updated last year
- Documentation and scripts to properly enable Windows event logs. ☆597, updated last year
- Wireshark RDP resources. ☆210, updated last month