Immersive-Labs-Sec / SliverC2-ForensicsLinks
A collection of tools and detections for the Sliver C2 Frameworj
☆128Updated 2 years ago
Alternatives and similar repositories for SliverC2-Forensics
Users that are interested in SliverC2-Forensics are comparing it to the libraries listed below
Sorting:
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆214Updated 2 years ago
- Detect WFP filters blocking EDR communications☆93Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆279Updated 2 years ago
- Windows Persistence IT-Security☆103Updated 4 months ago
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆89Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for secu…☆236Updated last year
- Extract C2 Traffic☆249Updated 8 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆129Updated 6 months ago
- Retrieve inner payloads from Donut samples☆104Updated last year
- An interactive shell to spoof some LOLBins command line☆185Updated last year
- Finding secrets in kernel and user memory☆116Updated last year
- Configuration Extractors for Malware☆110Updated 3 months ago
- ☆188Updated last year
- ☆118Updated last year
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆313Updated last year
- shared samples from #dailyphish and/or #apt tweets☆41Updated last week
- lolC2 is a collection of C2 frameworks that leverage legitimate services to evade detection☆229Updated 2 months ago
- ☆37Updated last year
- A collection of tools, scripts and personal research☆140Updated last month
- Default Detections for EDR☆96Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- https://lolad-project.github.io/☆79Updated 7 months ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆173Updated last month
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆132Updated 8 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files …☆156Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- PoCs of RCEs against open source C2 servers☆86Updated 10 months ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆64Updated 3 years ago