Immersive-Labs-Sec / SliverC2-ForensicsLinks
A collection of tools and detections for the Sliver C2 Frameworj
☆127Updated 2 years ago
Alternatives and similar repositories for SliverC2-Forensics
Users that are interested in SliverC2-Forensics are comparing it to the libraries listed below
Sorting:
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆276Updated last year
- Detect WFP filters blocking EDR communications☆91Updated last year
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆314Updated last year
- A collection of tools, scripts and personal research☆131Updated 2 months ago
- Windows Persistence IT-Security☆100Updated 3 months ago
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆231Updated last year
- Find potential DLL Sideloads on your windows computer☆208Updated 5 months ago
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…☆178Updated 2 months ago
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆89Updated last year
- Kill AV/EDR leveraging BYOVD attack☆360Updated last year
- PoCs of RCEs against open source C2 servers☆83Updated 8 months ago
- ☆188Updated last year
- https://lolad-project.github.io/☆77Updated 5 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆213Updated 2 years ago
- ☆184Updated 2 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆153Updated 3 years ago
- Configuration Extractors for Malware☆106Updated 2 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆172Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated 11 months ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- Active C&C Detector☆154Updated last year
- ☆119Updated last year
- ShellSweeping the evil.☆168Updated 6 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- A C# based tool for analysing malicious OneNote documents☆114Updated 2 years ago
- ☆37Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 4 months ago
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆131Updated 7 months ago