Alternatives and similar repositories for conti_202202_leak_procedures

Users that are interested in conti_202202_leak_procedures are comparing it to the libraries listed below

• The-DFIR-Report / cyberchef-recipes

  View on GitHub
  ☆21May 8, 2022Updated 3 years ago
• dwmetz / PSHero

  View on GitHub
  PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.
  ☆36Jul 11, 2023Updated 2 years ago
• tsale / translated_conti_leaked_comms

  View on GitHub
  Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022
  ☆133Mar 2, 2022Updated 3 years ago
• k3idii / ION

  View on GitHub
  Indicators of Normality
  ☆11Jul 22, 2022Updated 3 years ago
• gajos112 / PowerShell-Timeliner

  View on GitHub
  ☆12Jun 3, 2022Updated 3 years ago
• bleedx-93 / Spoofi

  View on GitHub
  A simple tool to inject shellcode into the remote process with the ability to spoof parent process.
  ☆16Mar 18, 2021Updated 4 years ago
• OG-Sadpanda / SharpCat

  View on GitHub
  C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly
  ☆15Jul 15, 2021Updated 4 years ago
• jakob-source / falcon-crowdstrike

  View on GitHub
  A collection of searches, interesting events and tables on Crowdstrike Splunk.
  ☆30Mar 2, 2021Updated 4 years ago
• LaresLLC / AzureTokenExtractor

  View on GitHub
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆24May 20, 2023Updated 2 years ago
• omerbenamram / pymft-rs

  View on GitHub
  Python bindings for https://github.com/omerbenamram/mft
  ☆23Dec 23, 2025Updated last month
• jasonsford / IPScraper

  View on GitHub
  This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…
  ☆18Feb 16, 2025Updated last year
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 3 years ago
• tsale / Threat-Intelligence-Playbooks

  View on GitHub
  High-level Threat Intelligence playbooks
  ☆20Mar 6, 2021Updated 4 years ago
• invictus-ir / IOCs

  View on GitHub
  Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
  ☆30Nov 26, 2025Updated 2 months ago
• DISREL / Conti-Leaked-Playbook-TTPs

  View on GitHub
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆41Oct 25, 2021Updated 4 years ago
• jklepsercyber / defender-detectionhistory-parser

  View on GitHub
  A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.
  ☆116Jan 26, 2022Updated 4 years ago
• scottleyg / SecOpsSamples

  View on GitHub
  Sample SecOps scripts and Utilities
  ☆12Jun 19, 2024Updated last year
• nrrpinto / inquisitor

  View on GitHub
  Forensics artifacts collection
  ☆21Jun 18, 2021Updated 4 years ago
• microsoft / tim-data-investigate-platform

  View on GitHub
  TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…
  ☆23Aug 7, 2024Updated last year
• matterpreter / SHAPESHIFTER

  View on GitHub
  Companion PoC for the "Adventures in Dynamic Evasion" blog post
  ☆130May 25, 2021Updated 4 years ago
• omerbenamram / winstructs

  View on GitHub
  Parsers for common structures across windows formats.
  ☆12Aug 23, 2023Updated 2 years ago
• forensicmatt / libtsk-rs

  View on GitHub
  Wrapper for TSK (Sleuth Kit) Bindings
  ☆12Jan 10, 2023Updated 3 years ago
• mandiant / vbScript_deobfuscator

  View on GitHub
  Help deobfuscate VBScript
  ☆18Jul 1, 2022Updated 3 years ago
• disruptops / assess_network

  View on GitHub
  Assess certain AWS network configurations
  ☆12Aug 22, 2018Updated 7 years ago
• elastic / sans-dfir-2022

  View on GitHub
  Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"
  ☆11Feb 6, 2025Updated last year
• randorisec / BSidesDublin2021-Workshops

  View on GitHub
  ☆13Mar 27, 2021Updated 4 years ago
• ProDefense / Avocado

  View on GitHub
  Avocado is a powerful C2 framework written in Python with stageless implants in Rust. Avocado's implant runs seamlessly on both Linux and…
  ☆26Apr 28, 2023Updated 2 years ago
• jasonsford / intel_collector

  View on GitHub
  Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.
  ☆31Nov 6, 2023Updated 2 years ago
• 3c7 / infrastructure-tracking-schema

  View on GitHub
  ☆24Sep 28, 2022Updated 3 years ago
• SecurityRiskAdvisors / msspray

  View on GitHub
  Password attacks and MFA validation against various endpoints in Azure and Office 365
  ☆153Feb 10, 2023Updated 3 years ago
• PhilKeeble / AWS-RedTeam-ADLab

  View on GitHub
  ☆120Jun 17, 2021Updated 4 years ago
• darkquasar / AzureHunter

  View on GitHub
  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
  ☆790Oct 29, 2022Updated 3 years ago
• VitthalS / Az-Blob-Attacker

  View on GitHub
  You can check below blog post on attacks related to azure storage.
  ☆13Apr 8, 2021Updated 4 years ago
• SneakyNachos / MalwareAnalysisTraining

  View on GitHub
  Work in Progress repo
  ☆15Apr 18, 2019Updated 6 years ago
• sumeshi / mft2es

  View on GitHub
  A library for fast parse & import of Windows Master File Table($MFT) into Elasticsearch.
  ☆12Jun 23, 2025Updated 7 months ago
• AbdulRhmanAlfaifi / SDSParser-rs

  View on GitHub
  NTFS Security Descriptor Stream ($Secure:$SDS) parser
  ☆14Jan 9, 2023Updated 3 years ago
• 0x4143 / adversaryemulation-gems

  View on GitHub
  A not so awesome list of adversary emulation gems for aspiring red/blue/purple teamers
  ☆16Jul 19, 2022Updated 3 years ago
• emadshanab / admin-login

  View on GitHub
  ☆12Jun 16, 2021Updated 4 years ago
• trainr3kt / NoteThief

  View on GitHub
  Grab unsaved Notepad contents with a Beacon Object File
  ☆55Jun 19, 2022Updated 3 years ago