MatthewDemaske / ThreatHuntingStuff
Useful Threat Hunting Stuff
☆31Updated 4 years ago
Alternatives and similar repositories for ThreatHuntingStuff:
Users that are interested in ThreatHuntingStuff are comparing it to the libraries listed below
- ☆41Updated 6 years ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆45Updated 7 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 7 years ago
- A companion tool for BloodHound offering Active Directory statistics and number crunching☆65Updated 6 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆49Updated 6 years ago
- A sample bot for Cobalt Strike 3☆22Updated 8 years ago
- Automating those tasks which can or should be automated☆61Updated 7 years ago
- ☆84Updated 9 years ago
- Powershell Persistence Locator☆66Updated 8 years ago
- Talk given at DerbyCon and RuxCon 2016☆22Updated 8 years ago
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/☆69Updated 6 years ago
- An offensive Powershell console☆30Updated 9 years ago
- The AwesomerShell Code Sample☆50Updated 9 years ago
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆64Updated 7 years ago
- ☆58Updated 7 years ago
- Quick and dirty System (Power)Shell using NamedPipe impersonation.☆43Updated 8 years ago
- ☆19Updated 7 years ago
- SilkETW & SilkService☆40Updated 5 years ago
- Executes lateral movement through PowerPoint DCOM objects☆19Updated 7 years ago
- SMB Named Pipe shell☆64Updated 4 months ago
- Empire HTTP(S) C2 redirector setup script☆47Updated 6 years ago
- 504 VSAgent☆23Updated 7 years ago
- CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.☆36Updated 6 years ago
- Collection of scripts for interacting with AD Kerberos from Linux☆74Updated 6 years ago
- A powershell script that prints a lot of IP and connection info to the screen☆31Updated 8 years ago
- This is a quick POC for using the Matt Nelson (enigma0x3) technique for generating a malicious .SettingContent-ms extension type for remo…☆51Updated 6 years ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆75Updated 6 years ago
- ☆17Updated 7 years ago
- Quick PoC I Wrote for Bypassing Next Gen AV Remotely for Pentesting☆41Updated 6 years ago