Hubbl3 / ThreatCheck
Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
☆12Updated 11 months ago
Alternatives and similar repositories for ThreatCheck:
Users that are interested in ThreatCheck are comparing it to the libraries listed below
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated 10 months ago
- Scripts to interact with Microsoft Graph APIs☆36Updated 5 months ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆24Updated last month
- ☆23Updated last month
- Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.☆13Updated 9 months ago
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.☆11Updated 3 weeks ago
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆18Updated 2 months ago
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- ☆48Updated 2 years ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Updated last year
- ☆18Updated 4 months ago
- in-process powershell runner for BRC4☆45Updated last year
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆52Updated 11 months ago
- ☆41Updated last week
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 11 months ago
- Extract registry and NTDS secrets from local or remote disk images☆40Updated last month
- ☆27Updated last year
- ☆15Updated last year
- ☆16Updated last year
- ☆19Updated 4 months ago
- Validates priv escalation of AD trusts☆39Updated 3 weeks ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated last year
- ☆44Updated 9 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆28Updated last week
- BOF for C2 framework☆41Updated 5 months ago
- A simple rpc2socks alternative in pure Go.☆28Updated 9 months ago
- ☆34Updated 3 weeks ago
- A lightweight HTTP/HTTPS reverse proxy for efficient, policy-based traffic filtering and redirection.☆44Updated last year