Qihoo360 / Luwak

Related projects: ⓘ

• theSecHunter / Hades
  Hades is an cross-platform HIDS with kernel-space data collection.
  ☆43Updated last year
• RF-CTI / SANS-summit
  ☆30Updated last year
• ainrm / cobaltstrike-suricata-rules
  17条检测cobaltstrike的suricata-ids规则
  ☆60Updated 2 years ago
• Canon88 / suricata-scripts
  ☆11Updated this week
• Blue-Team-CN / Attack-traffic-PACPs
  攻击流量包，辅助安全运营/分析人员，HVV蓝队工程师开展流量攻击研判工作
  ☆40Updated last year
• minhangxiaohui / cobaltstrikefakeup
  伪造cs上线流量，实现cs批量上线，欺骗防御
  ☆33Updated last year
• huifeidexingyuner / Hacker_analyse
  黑客画像构建以及威胁事件的预测，通过搜集各大黑客技术论坛的聊天记录，绘制任务的拓扑图，以及技能雷达图。同时进一步预测监控攻击事件的发生以及溯源
  ☆21Updated 5 years ago
• hangxin1940 / bladerazor
  由人工智能驱动的渗透测试解决方案
  ☆29Updated last month
• JamVayne / CobaltStrikeDos
  CVE-2021-36798: CobaltStrike < 4.4 Dos
  ☆103Updated 2 years ago
• satan1a / traffic-analysis-train
  对恶意流量分析的练习
  ☆18Updated 2 years ago
• burpheart / CS_mock
  模拟cobalt strike beacon上线包. Simulation cobalt strike beacon connection packet.
  ☆80Updated 2 years ago
• a232319779 / mmpi
  NextB的恶意邮件识别项目
  ☆25Updated last year
• G4rb3n / Script-Ganker
  恶意脚本检测分类工具
  ☆40Updated 3 years ago
• trganda / dockerv
  Vulnerability Environment Build with Dockerfile -> Docker Hub
  ☆15Updated last month
• hooog / webshellDc
  ☆19Updated 3 years ago
• al0ne / cloud-audit
  cloud-audit （云安全审计助手）是检测公有云厂商AK/SK泄漏被利用的工具，通过定期调用云平台接口审计日志，基于异常行为/黑特征/基线发现疑似入侵行为。
  ☆30Updated 3 months ago
• akkuman / EvilEye
  A BeaconEye implement in Golang. It is used to detect the cobaltstrike beacon from memory and extract some configuration.
  ☆144Updated 2 years ago
• huoji120 / ai-webshell-detect
  机器学习检测webshell
  ☆64Updated 3 years ago
• merlinxcy / memory_execute_golang_elf
  内存加载执行golang elf二进制文件
  ☆17Updated 2 years ago
• huoji120 / DuckSysEye
  SysEye是一个window上的基于att&ck现代EDR设计思想的威胁响应工具.有效检测常见的未知威胁与已知威胁.防守方的利剑
  ☆61Updated 2 years ago
• nice0e3 / Cobaltstrike_4.3_Source
  ☆157Updated this week
• George-boop-svg / Chinese-hackers-use-WPS-to-attack
  WPS 0day.hen the wps software is running, an api interface with port 4709 will be opened. An attacker can request this interface to execu…
  ☆80Updated 3 weeks ago
• howmp / CobaltStrikeDetect
  CobaltStrikeDetect
  ☆45Updated 2 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆56Updated last year
• Tabll / gemnasium-db
  GitLab 依赖项扫描的咨询数据库，每天17:00自动更新
  ☆41Updated this week
• iiilin / inbtscan
  Python nbtstat + smb_version without third party packages
  ☆31Updated 3 years ago
• safest-place / ExploitPcapCollection
  collect some exploit traffic pcap
  ☆68Updated 4 months ago
• 0verSp4ce / Bundler
  PE学习小工具，它的作用就是将32位的PE文件的按内存对齐，然后合并所有节，接着新增一个节存放Shellcode，将程序入口位置修改到Shellcode的位置。
  ☆18Updated 2 years ago
• Buzz2d0 / bxl
  ☆28Updated this week
• dr0op / CrossC2
  generate CobaltStrike's cross-platform payload
  ☆33Updated 3 months ago