Immersive-Labs-Sec / SliverC2-ForensicsLinks
A collection of tools and detections for the Sliver C2 Frameworj
☆126Updated 2 years ago
Alternatives and similar repositories for SliverC2-Forensics
Users that are interested in SliverC2-Forensics are comparing it to the libraries listed below
Sorting:
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆276Updated last year
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- Find potential DLL Sideloads on your windows computer☆206Updated 4 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 10 months ago
- Windows Persistence IT-Security☆100Updated 2 months ago
- A collection of tools, scripts and personal research☆128Updated last month
- Detect WFP filters blocking EDR communications☆89Updated last year
- Kill AV/EDR leveraging BYOVD attack☆359Updated last year
- ☆188Updated last year
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆231Updated last year
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…☆172Updated last month
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆311Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆170Updated 2 weeks ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆152Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 4 months ago
- ☆277Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆210Updated 2 years ago
- ☆299Updated 7 months ago
- ☆119Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆190Updated last year
- ☆164Updated last year
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆89Updated last year
- ☆141Updated 9 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆200Updated 7 months ago
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆131Updated 6 months ago
- ☆183Updated 2 years ago
- Tool for viewing NTDS.dit☆167Updated 2 months ago
- Tools for analyzing EDR agents☆228Updated 11 months ago
- A small utility to translate NTDS.dit files to SQLite format.☆73Updated last year