MatthewDemaske / ThreatHuntingStuff
Useful Threat Hunting Stuff
☆32 · Sep 1, 2020 · Updated 5 years ago
Alternatives and similar repositories for ThreatHuntingStuff
Users that are interested in ThreatHuntingStuff are comparing it to the libraries listed below
- ☆16 · May 6, 2015 · Updated 10 years ago
- ☆94 · Nov 1, 2018 · Updated 7 years ago
- Repo contains code for our DerbyCon 2016 talk comparing Binary Ninja and IDA Pro. ☆10 · Sep 18, 2016 · Updated 9 years ago
- Generate HTTPS reports based on scan data ☆15 · Updated this week
- FWRF is an open source tool for firmware web-side analysis. ☆11 · Aug 27, 2015 · Updated 10 years ago
- Monitoring tool to detect patterns or IOCs (strings, regex, VirusTotal) and alert you and your team via console, Telegram or SMS written … ☆18 · Dec 1, 2025 · Updated 2 months ago
- Generate AWS Lambda environment zip files for use by cisagov/domain-scan ☆12 · Oct 11, 2023 · Updated 2 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible ☆33 · May 3, 2024 · Updated last year
- Port of eternal blue exploits to powershell ☆151 · Jun 3, 2017 · Updated 8 years ago
- C# code to run PIC using CreateThread ☆17 · Apr 19, 2019 · Updated 6 years ago
- ☆16 · Dec 14, 2017 · Updated 8 years ago
- NTFSx is a tool for extracting files from an NTFS filesystem that are otherwise inaccessible. ☆14 · Jul 26, 2013 · Updated 12 years ago
- A repo to hold some scripts pertaining to WMI (Windows implementation of WBEM) forensics ☆88 · Oct 6, 2017 · Updated 8 years ago
- Vault of Windows Registry forensic artifacts ☆26 · Nov 12, 2025 · Updated 3 months ago
- ClickForClickOnce - Generate configurable clickonce payloads ☆88 · Oct 10, 2025 · Updated 4 months ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB ☆24 · Jun 27, 2025 · Updated 7 months ago
- A simple tool to inject shellcode into the remote process with the ability to spoof parent process. ☆16 · Mar 18, 2021 · Updated 4 years ago
- ☆20 · Sep 8, 2019 · Updated 6 years ago
- Cobalt Strike SCT payload obfuscator ☆143 · Jul 7, 2017 · Updated 8 years ago
- PoC of injecting code into a running Linux process ☆23 · Sep 11, 2019 · Updated 6 years ago
- Generates anti-sandbox analysis HTA files without payloads ☆16 · Mar 16, 2017 · Updated 8 years ago
- ☆16 · Jul 7, 2020 · Updated 5 years ago
- Multi-thread AzureAD Autologon SSO Password Sprayer. ☆37 · Oct 9, 2021 · Updated 4 years ago
- Bunch of honey related items that spoof/decoy powersploit functions. ☆18 · Apr 23, 2020 · Updated 5 years ago
- A suite of CLI tools I built to automate some of the tedious parts of exploit development (specifically, crafting Buffer Overflow Exploit… ☆38 · Feb 21, 2016 · Updated 9 years ago
- ☆29 · Oct 17, 2018 · Updated 7 years ago
- DEPRECATED! LOOK AT CREDNINJA! A tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a … ☆15 · Jun 24, 2016 · Updated 9 years ago
- Monitor JSON notifications feed from VT ☆17 · Jun 13, 2017 · Updated 8 years ago
- Bypassing User Account Control (UAC) using TpmInit.exe ☆44 · Sep 26, 2016 · Updated 9 years ago
- A Dockerized build pipeline for custom Windows x64 shellcode ☆53 · Dec 12, 2025 · Updated 2 months ago
- OVAL Documentation ☆15 · Aug 4, 2017 · Updated 8 years ago
- Automate AV evasion by calling AMSI ☆88 · May 31, 2023 · Updated 2 years ago
- ☆44 · Nov 7, 2024 · Updated last year
- metasploit loader with antivirus bypass module ☆18 · Jun 26, 2016 · Updated 9 years ago
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine ☆39 · Jul 29, 2025 · Updated 6 months ago
- misc scripts ☆35 · Oct 23, 2018 · Updated 7 years ago
- Open Source software from The MITRE Corporation ☆25 · Jun 4, 2024 · Updated last year
- A cloud automation system for Red Teams based on Terraform and Ansible ☆24 · Apr 21, 2021 · Updated 4 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA ☆526 · Apr 14, 2023 · Updated 2 years ago