MalwareTech / CitrixHoneypot
Detect and log CVE-2019-19781 scan and exploitation attempts.
☆113 · Updated 4 years ago
Related projects
Alternatives and complementary repositories for CitrixHoneypot
- Simulating Adversary Operations ☆93 · Updated 6 years ago
- Toolset for research malware and Cobalt Strike beacons ☆206 · Updated last year
- Miscellaneous Malware RE ☆195 · Updated 2 years ago
- Automated Tactics Techniques & Procedures ☆251 · Updated last year
- A toolkit for Security Researchers ☆124 · Updated 5 years ago
- Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard ☆104 · Updated 5 years ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk ☆136 · Updated 6 years ago
- ☆166 · Updated 4 years ago
- Linux Incident Response ☆89 · Updated 5 years ago
- A simple tool which could be useful to identify the exploits afflicting a Windows OS ☆126 · Updated last year
- Responsive Command and Control System ☆101 · Updated 2 years ago
- Nmap Script to scan for Winnti infections ☆70 · Updated 6 years ago
- rules to identify files containing juicy information like usernames, passwords etc ☆124 · Updated 6 years ago
- Pypykatz server ☆124 · Updated 5 years ago
- Test Blue Team detections without running any attack. ☆271 · Updated 6 months ago
- Valhalla API Client ☆63 · Updated last year
- Linux Local Privesc Helper and Agent ☆165 · Updated 4 years ago
- Slides from my talk in "Hackinparis" 2019 edition ☆89 · Updated 5 years ago
- ☆279 · Updated 6 years ago
- Feed the tool a .nessus file and it will automatically get you MSF shell ☆234 · Updated last year
- ☆98 · Updated 5 years ago
- A progressive, customizable armored SSH tunnel implant for Linux and MacOS systems ☆133 · Updated 5 years ago
- SEC599 supporting GitHub repository ☆15 · Updated 5 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files… ☆71 · Updated 3 years ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command ☆105 · Updated 5 years ago
- A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. ☆168 · Updated last year