Alternatives and similar repositories for SliverC2-Forensics:

Users that are interested in SliverC2-Forensics are comparing it to the libraries listed below

• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• ACE-Responder / RogueSliver
  A suite of tools to disrupt campaigns using the Sliver C2 framework.
  ☆272Updated last year
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆164Updated 3 weeks ago
• ElJaviLuki / CobaltStrike_OpenBeacon
  Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…
  ☆226Updated last year
• flostyen / windows-persistence
  Windows Persistence IT-Security
  ☆97Updated last month
• ajm4n / DLLHound
  Find potential DLL Sideloads on your windows computer
  ☆204Updated 3 months ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆86Updated last year
• floesen / EventLogCrasher
  ☆186Updated last year
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆123Updated 3 months ago
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆141Updated 9 months ago
• deepinstinct / ContainYourself
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆311Updated last year
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆148Updated last year
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆128Updated last month
• RussianPanda95 / Configuration_extractors
  Configuration Extractors for Malware
  ☆104Updated 2 weeks ago
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆82Updated 7 months ago
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆164Updated 5 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆151Updated last year
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆178Updated last year
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆154Updated last year
• LOLAD-Project / LOLAD-Project.github.io
  https://lolad-project.github.io/
  ☆74Updated 4 months ago
• Wh04m1001 / SysmonEoP
  ☆183Updated 2 years ago
• Helixo32 / NimBlackout
  Kill AV/EDR leveraging BYOVD attack
  ☆353Updated last year
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆152Updated 3 years ago
• eric-conrad / c2-talk
  ☆37Updated last year
• sensepost / mydumbedr
  ☆119Updated last year
• lolc2 / lolc2.github.io
  lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection
  ☆202Updated last week
• fox-it / dissect.cobaltstrike
  Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
  ☆165Updated last month
• StrikeReady-Inc / samples
  shared samples from #dailyphish and/or #apt tweets
  ☆39Updated last week
• gsmith257-cyber / better-sliver
  Adversary Emulation Framework
  ☆98Updated 9 months ago