Res260 / conti_202202_leak_procedures
This repository contains procedures found in the February 2022 Conti leaks. They were taken from the "manual_teams_c" Rocket.Chat channel in the leak, where they had been posted on May 10th, 2021.
Related projects:
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
- Simple PowerShell script to enable process scanning with Yara.
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
- Active C&C Detector
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
- Tool to extract powerful tokens from Office desktop apps memory
- DEFCON 31
- Pushes Sysmon Configs
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
- This repo is where I store my Threat Hunting ideas/content
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
- Yara Rules for Modern Malware
- All kinds of tiny shells
- SMBMap is a handy SMB enumeration tool - here with Kerberos support
- Test case indexes
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
- Simple parser to get useful information from AWS S3 logs
- Bloodhound Portable for Windows
- A PowerShell incident response script for quick triage
- Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
- The Windows Malware Analysis Reversing Core Tools
- A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object