MichaelKoczwara / Awesome-CobaltStrike-Defence
Defences against Cobalt Strike
☆1,282 · Updated 2 years ago
Alternatives and similar repositories for Awesome-CobaltStrike-Defence:
Users that are interested in Awesome-CobaltStrike-Defence are comparing it to the libraries listed below
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the … ☆1,304 · Updated 4 months ago
- An Active Defense and EDR software to empower Blue Teams ☆1,268 · Updated last year
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing… ☆1,586 · Updated 2 years ago
- (no description) ☆1,047 · Updated last year
- A collection of red team and adversary emulation resources developed and released by MITRE. ☆498 · Updated 3 years ago
- Some notes and examples for cobalt strike's functionality ☆1,010 · Updated 3 years ago
- (no description) ☆2,062 · Updated 2 years ago
- A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement. ☆1,889 · Updated 3 weeks ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration ☆904 · Updated 3 years ago
- Open Source EDR for Windows ☆1,199 · Updated 2 years ago
- PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit… ☆796 · Updated 3 months ago
- Extract credentials from lsass remotely ☆2,100 · Updated 2 months ago
- A post exploitation framework designed to operate covertly on heavily monitored environments ☆2,085 · Updated 3 years ago
- Open source pre-operation C2 server based on python and powershell ☆747 · Updated 3 years ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups ☆707 · Updated 2 years ago
- Bloodhound Reporting for Blue and Purple Teams ☆1,166 · Updated last month
- A curated list of awesome resources related to Mitre ATT&CK™ Framework ☆595 · Updated 5 years ago
- Windows Events Attack Samples ☆2,326 · Updated 2 years ago
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red… ☆892 · Updated last month
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a… ☆1,444 · Updated this week
- ScareCrow - Payload creation framework designed around EDR bypass. ☆2,795 · Updated last year
- Tools for hunting for threats. ☆579 · Updated 5 months ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts ☆1,145 · Updated last year
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection… ☆844 · Updated 3 years ago
- All sysmon event types and their fields explained ☆547 · Updated 3 years ago
- An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR ☆2,234 · Updated last year
- The swiss army knife of LSASS dumping ☆1,893 · Updated 6 months ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command ☆1,475 · Updated last year
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources ☆1,495 · Updated last year
- Elastic Security detection content for Endpoint ☆1,142 · Updated this week