H4NM / WhoYouCallingLinks
Records an executable's network activity into a Full Packet Capture file (.pcap) and much more.
☆452Updated last month
Alternatives and similar repositories for WhoYouCalling
Users that are interested in WhoYouCalling are comparing it to the libraries listed below
Sorting:
- PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.☆322Updated 7 months ago
- Nuke It From Orbit - remove AV/EDR with physical access☆269Updated last year
- PowerShell tools to help defenders hunt smarter, hunt harder.☆446Updated last month
- A GUI and CLI tool for removing bloat from executables☆435Updated 5 months ago
- An ADCS honeypot to catch attackers in your internal network.☆318Updated last year
- ScriptSentry finds misconfigured and dangerous logon scripts.☆614Updated 11 months ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.☆386Updated 2 months ago
- ☆270Updated 4 months ago
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.☆196Updated last month
- ☆514Updated last year
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆179Updated 6 months ago
- Wireshark RDP resources☆219Updated 6 months ago
- SharpEye: Advanced Linux Intrusion Detection and Threat Hunting System☆165Updated 2 weeks ago
- LotL RMM☆264Updated last week
- A repository of credential stealer formats☆235Updated 6 months ago
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆434Updated this week
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆294Updated last month
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Updated 2 years ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆408Updated last year
- Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…☆1,058Updated last month
- A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities☆689Updated last year
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆987Updated 7 months ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆329Updated last year
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆333Updated 10 months ago
- Compiled tools for internal assessments☆363Updated last week
- A centralized and enhanced memory analysis platform☆510Updated 5 months ago
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆688Updated last month
- Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!☆431Updated last year
- A collection of methods to learn who the owner of an IP address is.☆181Updated 2 months ago
- Analyze pcaps with Zeek and a Grafana Dashboard☆187Updated last year