NybbleHub / Bluekeep-Detection-Rule
BlueKeep detection rule using the Apache Flink CEP (Complex Event Processing) library and a Markov chain.
☆9 · Updated 5 years ago
Alternatives and similar repositories for Bluekeep-Detection-Rule
Users that are interested in Bluekeep-Detection-Rule are comparing it to the libraries listed below
- Suricata rule and intel index ☆30 · Updated 2 months ago
- All necessary code to feed Sysmon data into a Recurrent Neural Network ☆17 · Updated 4 years ago
- Pcaps for PeddleCheap and implant communication + script for interpreting and decrypting pcaps. ☆15 · Updated 7 years ago
- Collection of malware IOC hashes from blog posts. A Python script is provided to search through it. ☆17 · Updated 4 years ago
- (no description) ☆24 · Updated 5 years ago
- Simplified go-cat agent for Caldera ☆10 · Updated last year
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation ☆16 · Updated 6 years ago
- A set of YARA rules for the AIL framework to detect leaks or information disclosure ☆38 · Updated 4 months ago
- Monitor and prevent unexpected behavior of Java programs. ☆14 · Updated 3 years ago
- Threat detection rule set ☆15 · Updated 5 years ago
- Epimitheus is a tool that uses the Neo4j graph database for Windows Events visualization. ☆19 · Updated 3 years ago
- Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals ☆14 · Updated 5 years ago
- ssdeep cluster analysis for malware files ☆30 · Updated 5 years ago
- Links to malware-related YARA rules ☆15 · Updated 2 years ago
- Apfell implant written in C#. ☆8 · Updated 4 years ago
- (no description) ☆20 · Updated 5 years ago
- (no description) ☆12 · Updated 7 years ago
- Is this IP a C2 server? ☆28 · Updated 5 years ago
- Platform independent reverse shell over HTTPS ☆11 · Updated 5 years ago
- Community maintained list of the most popular HIPS service and process names on a Windows platform. ☆43 · Updated 2 years ago
- (no description) ☆41 · Updated 2 years ago
- Maintain Windows persistence with an evil Netshell Helper DLL ☆12 · Updated 6 years ago
- Look into EDR events from the network ☆23 · Updated last month
- Code to extract the shellcode from a maldoc. ☆10 · Updated last year
- Tool to decrypt the configuration of NanoCore and dump all used plugins ☆10 · Updated 4 years ago
- HTTP Protocol Stack CVE-2021-31166 ☆13 · Updated 7 months ago
- This tool is designed to simplify and automate the extraction and organization of useful data from Cobalt Strike logs. ☆18 · Updated 6 years ago
- An exec JSP shell, similar to the weevely PHP C/S shell. ☆14 · Updated 2 years ago
- (no description) ☆9 · Updated 8 years ago
- Example of async client/server sockets in .NET 5 ☆17 · Updated 3 years ago