Immersive-Labs-Sec / SliverC2-ForensicsLinks
A collection of tools and detections for the Sliver C2 Frameworj
☆130Updated 2 years ago
Alternatives and similar repositories for SliverC2-Forensics
Users that are interested in SliverC2-Forensics are comparing it to the libraries listed below
Sorting:
- Detect WFP filters blocking EDR communications☆93Updated last year
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆220Updated 2 years ago
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆280Updated 2 years ago
- An interactive shell to spoof some LOLBins command line☆186Updated last year
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆88Updated last year
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆248Updated last year
- Extract C2 Traffic☆252Updated 10 months ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- ☆189Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- Configuration Extractors for Malware☆113Updated 5 months ago
- Retrieve inner payloads from Donut samples☆108Updated last year
- Windows Persistence IT-Security☆105Updated 6 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- A ProcessMonitor visualization application written in rust.☆184Updated 2 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆177Updated 3 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Updated 2 years ago
- ☆322Updated last month
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 8 months ago
- ☆121Updated last year
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection☆243Updated 4 months ago
- Default Detections for EDR☆96Updated last year
- ☆185Updated 2 years ago
- shared samples from #dailyphish and/or #apt tweets☆41Updated last month
- ☆82Updated 10 months ago
- PoCs of RCEs against open source C2 servers☆87Updated last year
- ☆164Updated last year
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆163Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- ☆37Updated last year