Canary Detection
☆190Oct 20, 2025Updated 4 months ago
Alternatives and similar repositories for IndicatorOfCanary
Users that are interested in IndicatorOfCanary are comparing it to the libraries listed below
Sorting:
- ☆121Nov 21, 2024Updated last year
- Utility to craft HTML or SVG smuggled files for Red Team engagements☆245Mar 19, 2024Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B…☆26Feb 29, 2024Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆862Feb 3, 2024Updated 2 years ago
- DEFCON 31 slide deck and video link☆66Jun 2, 2025Updated 8 months ago
- Leak NTLM via Website tab in teams via MS Office☆78Mar 28, 2024Updated last year
- ☆190Nov 21, 2024Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- Decrypt Veeam database passwords☆222Dec 8, 2025Updated 2 months ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- Azure DevOps Services Attack Toolkit☆314Mar 15, 2025Updated 11 months ago
- An ADCS honeypot to catch attackers in your internal network.☆324Jun 27, 2024Updated last year
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆63Aug 25, 2022Updated 3 years ago
- Okta Verify and Okta FastPass Abuse Tool☆339Sep 4, 2024Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127May 28, 2024Updated last year
- a tool to help operate in EDRs' blind spots☆767Dec 2, 2024Updated last year
- Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking☆148May 23, 2024Updated last year
- Nuke It From Orbit - remove AV/EDR with physical access☆274Dec 8, 2024Updated last year
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 7 months ago
- ☆216Mar 26, 2024Updated last year
- A Mythic Agent written in PIC C.☆207Feb 4, 2025Updated last year
- Retired TrustedSec Capabilities☆248Jan 5, 2026Updated last month
- Extract registry and NTDS secrets from local or remote disk images☆45Mar 15, 2025Updated 11 months ago
- slides for talk given during uscg 2023 combine☆38Sep 6, 2023Updated 2 years ago
- Mythic C2 Agent written in x64 PIC C☆85Jan 29, 2025Updated last year
- ☆65Mar 15, 2024Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- An offensive data enrichment pipeline☆919Updated this week
- Python implementation of GhostPack's Seatbelt situational awareness tool☆271Nov 12, 2024Updated last year
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆323Oct 12, 2025Updated 4 months ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆817Feb 17, 2025Updated last year
- ☆301Oct 29, 2024Updated last year
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year