Insane-Forensics / drovorub-hunt
A tool to assist with network-based hunting for GRU's Drovorub malware c2
☆25Updated 4 years ago
Related projects: ⓘ
- A list of IOCs applicable to PoshC2☆23Updated 4 years ago
- Repository for LNK stuff☆27Updated 2 years ago
- Presentation materials for talks I've given.☆20Updated 4 years ago
- C# User Simulation☆33Updated last year
- Site for IWS book content☆18Updated 5 years ago
- ☆42Updated last year
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 2 years ago
- Public repository for Red Canary Research☆33Updated 3 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆28Updated 6 years ago
- Exfiltration based on custom X509 certificates☆25Updated 6 months ago
- ☆22Updated last year
- ☆22Updated 3 years ago
- ☆16Updated 7 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆23Updated 5 years ago
- Bunch of honey related items that spoof/decoy powersploit functions.☆18Updated 4 years ago
- dankAlerts is powered by Sysmon and Memes. Would you notice if a suspicious process was recorded in the event log?☆17Updated 4 years ago
- BloodHound Cypher Queries Ported to a Jupyter Notebook☆53Updated 4 years ago
- IcedID Decryption Tool☆27Updated 3 years ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆32Updated 2 years ago
- Cybersecurity Incidents Mind Maps☆32Updated 2 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆65Updated 2 years ago
- Gunslinger is used to hunt for Magecart sites using URLScan's API☆30Updated 2 years ago
- A cover story generator for people who Need Quick Covers On Operations☆13Updated 4 years ago
- pypykatz plugin for volatility3 framework☆30Updated 5 months ago
- The Purpose of this research tool is to provide a Python client into RiskIQ API services.☆22Updated 3 years ago
- Cyberdelia, a Collection of Command and Control frameworks☆63Updated 4 years ago
- Yara rules☆18Updated last year
- Analytics for Accounting logs from Network devices☆16Updated 3 years ago
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆41Updated 3 years ago
- Data exfiltration utility for testing detection capabilities☆57Updated 2 years ago