Immersive-Labs-Sec / BruteRatel-DetectionTools
A collection of Tools and Rules for decoding Brute Ratel C4 badgers
☆66 · Jul 7, 2022 · Updated 3 years ago
Alternatives and similar repositories for BruteRatel-DetectionTools
Users that are interested in BruteRatel-DetectionTools are comparing it to the libraries listed below
- Indicators of Normality · ☆11 · Jul 22, 2022 · Updated 3 years ago
- ☆10 · Dec 24, 2022 · Updated 3 years ago
- Here are some tools I developed to help analyze malware · ☆11 · Nov 8, 2023 · Updated 2 years ago
- Hundred Days of Yara Challenge · ☆12 · Jun 21, 2022 · Updated 3 years ago
- This repository contains scripts, configurations and deprecated payload loaders for Brute Ratel C4 (https://bruteratel.com/) · ☆292 · Aug 5, 2024 · Updated last year
- Python script for parsing ESET (NOD32) virlog.dat file. · ☆14 · Sep 28, 2017 · Updated 8 years ago
- Windows file metadata / forensic tool. · ☆18 · Oct 12, 2025 · Updated 4 months ago
- Ntdll Unhooking POC · ☆19 · Aug 12, 2022 · Updated 3 years ago
- Code and yara rules to detect and analyze Cobalt Strike · ☆273 · May 5, 2021 · Updated 4 years ago
- ☆36 · Jan 11, 2023 · Updated 3 years ago
- This repository provides the core to build your own External C2 Server and Connector for Brute Ratel C4 · ☆55 · May 8, 2022 · Updated 3 years ago
- ☆22 · Jan 31, 2023 · Updated 3 years ago
- ☆21 · May 8, 2022 · Updated 3 years ago
- ☆18 · Mar 26, 2024 · Updated last year
- Active C2 IoCs · ☆99 · Nov 28, 2022 · Updated 3 years ago
- ☆113 · Sep 10, 2025 · Updated 5 months ago
- Stand-alone parser for User Access Logging from Server 2012 and newer systems · ☆78 · Jan 9, 2024 · Updated 2 years ago
- PoCs and tools for investigation of Windows process execution techniques · ☆953 · Feb 2, 2026 · Updated last week
- Simple PowerShell script to enable process scanning with Yara. · ☆98 · Oct 4, 2022 · Updated 3 years ago
- A python script developed to process Windows memory images based on triage type. · ☆264 · Nov 25, 2023 · Updated 2 years ago
- Automatically create YARA rules from malicious documents. · ☆212 · May 16, 2022 · Updated 3 years ago
- CarbonBlack EDR detection rules and response actions · ☆73 · Sep 10, 2024 · Updated last year
- dump lsass · ☆37 · May 24, 2022 · Updated 3 years ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11. · ☆27 · Jul 27, 2022 · Updated 3 years ago
- Sigma rules to share with the community · ☆124 · Jan 29, 2025 · Updated last year
- macOS Endpoint Security Message Analysis Tool · ☆47 · Jan 31, 2022 · Updated 4 years ago
- python ShellCode Loader (Cobaltstrike&Metasploit) · ☆20 · Nov 28, 2019 · Updated 6 years ago
- ☆24 · Mar 12, 2025 · Updated 11 months ago
- A little tool to filter the stranger strings from a binary so you can analyze the good ones · ☆52 · Sep 11, 2025 · Updated 5 months ago
- Periodic archive of content shared in the Metarget technical discussion group · ☆12 · Oct 22, 2021 · Updated 4 years ago
- Platform independent reverse shell over https · ☆11 · Mar 2, 2020 · Updated 5 years ago
- VB Exe Parser is an IDA script written in Python. This script will help you to parse VB program internal structures. It can find: Event, … · ☆17 · Oct 8, 2016 · Updated 9 years ago
- Compiled executables of common crypto and encoding algorithms · ☆16 · Oct 3, 2023 · Updated 2 years ago
- ☆12 · Jun 22, 2022 · Updated 3 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. · ☆12 · Aug 26, 2024 · Updated last year
- GarbageMan is a set of tools for analyzing .NET binaries through heap analysis. · ☆119 · Apr 8, 2023 · Updated 2 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ... · ☆141 · Nov 19, 2023 · Updated 2 years ago
- A list of RMMs designed to be used in automation to build alerts · ☆117 · Nov 9, 2025 · Updated 3 months ago
- ☆138 · Apr 20, 2023 · Updated 2 years ago