SunBurst DGA Decode Script
☆205Jan 10, 2021Updated 5 years ago
Alternatives and similar repositories for SunBurst_DGA_Decode
Users that are interested in SunBurst_DGA_Decode are comparing it to the libraries listed below
Sorting:
- ☆100Dec 21, 2020Updated 5 years ago
- ☆560Jun 1, 2023Updated 2 years ago
- SolarWinds Orion Account Audit / Password Dumping Utility☆354Oct 9, 2023Updated 2 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- A cover story generator for people who Need Quick Covers On Operations☆13May 17, 2020Updated 5 years ago
- ☆2,665Mar 5, 2024Updated 2 years ago
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…☆1,430Dec 27, 2022Updated 3 years ago
- ☆645Jun 6, 2023Updated 2 years ago
- Defences against Cobalt Strike☆1,296Jul 14, 2022Updated 3 years ago
- A specialized implementation of the Hierarchical Navigable Small World (HNSW) data structure adapted for efficient nearest neighbor looku…☆10Updated this week
- Get random bytes from the TPM (tool + BCrypt RNG provider)☆17Nov 3, 2020Updated 5 years ago
- Repository with all the Solarwinds Vulnerability information I've been tracking and using for communications, review, and technical under…☆25Dec 19, 2020Updated 5 years ago
- A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework☆355Nov 3, 2020Updated 5 years ago
- Windows Events Attack Samples☆2,517Jan 24, 2023Updated 3 years ago
- Parses DNS responses in a secure, rigorous manner☆22Jul 24, 2020Updated 5 years ago
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,174Jul 26, 2023Updated 2 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆922Aug 19, 2021Updated 4 years ago
- Nmap Script to scan for Winnti infections☆71May 22, 2018Updated 7 years ago
- This repository is a curated list of pro bono incident response entities.☆21Jun 21, 2023Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- #️⃣ 🕸️ 👤 HTTP Headers Hashing☆13Aug 27, 2023Updated 2 years ago
- Artifacts of the USENIX Security 2022 paper "Spoki: Unveiling a New Wave of Scanners through a Reactive Network Telescope"☆18Dec 8, 2024Updated last year
- Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized☆16Feb 15, 2024Updated 2 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆272May 5, 2021Updated 4 years ago
- Detect Tactics, Techniques & Combat Threats☆2,264Jan 21, 2026Updated last month
- Python script to detect bluekeep vulnerability (CVE-2019-0708) with TLS/SSL and x509 support☆27Jun 12, 2019Updated 6 years ago
- ☆23Jun 1, 2023Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆52Nov 27, 2020Updated 5 years ago
- Automatically create YARA rules from malicious documents.☆211May 16, 2022Updated 3 years ago
- The FLARE team's open-source tool to identify capabilities in executable files.☆5,862Updated this week
- CISOinaBox is a free community framework to organize tools, templates, and resources to help equip new CISOs and set them up for success.…☆31Feb 25, 2026Updated last week
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆354Oct 6, 2021Updated 4 years ago
- simple YARA-based IOC scanner☆176Jan 9, 2026Updated last month
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Dec 23, 2020Updated 5 years ago
- A tool to assist with network-based hunting for GRU's Drovorub malware c2☆25Aug 28, 2020Updated 5 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,874Aug 18, 2023Updated 2 years ago
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,549Feb 10, 2026Updated 3 weeks ago
- Automatic YARA rule generation for Malpedia☆168Sep 8, 2022Updated 3 years ago
- Remote Code Execution Exploit for Citrix Application Delivery Controller and Citrix Gateway [ CVE-2019-19781 ]☆368Jan 18, 2020Updated 6 years ago