Res260 / conti_202202_leak_procedures

Related projects: ⓘ

• LOLDrivers-Project / LOLDrivers-Project.github.io
  ☆21Updated this week
• ashemery / WindowsDFIR
  Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…
  ☆73Updated 3 years ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆92Updated 10 months ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆86Updated last year
• hackjalstead / IRCP
  A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments
  ☆64Updated 2 years ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆148Updated 11 months ago
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆144Updated last year
• elementalsouls / DumpLSASS
  ☆34Updated 6 months ago
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆62Updated 2 years ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆66Updated 6 months ago
• nyxgeek / track_the_planet
  DEFCON 31
  ☆57Updated 2 months ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 4 months ago
• sans-blue-team / DNS-Exfiltrate
  ☆22Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆85Updated last year
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆61Updated 5 months ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆68Updated 6 months ago
• Neo23x0 / tiny-shells
  All kinds of tiny shells
  ☆59Updated last year
• silence-is-best / files
  ☆94Updated 3 years ago
• tothi / smbmap
  SMBMap is a handy SMB enumeration tool - here with Kerberos support
  ☆74Updated 2 years ago
• SecurityRiskAdvisors / indexes
  Test case indexes
  ☆35Updated 2 months ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• joswr1ght / s3logparse
  Simple parser to get useful information from AWS S3 logs
  ☆24Updated 3 years ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated last year
• nov3mb3r / trident
  A PowerShell incident response script for quick triage
  ☆75Updated 2 years ago
• DefensiveOrigins / DO-LAB
  ☆42Updated 3 months ago
• C0axx / CanaryHunter
  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
  ☆100Updated last year
• SentineLabs / SentinelLabs_RevCore_Tools
  The Windows Malware Analysis Reversing Core Tools
  ☆88Updated 3 years ago
• BC-SECURITY / Long-Live-The-Empire
  A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…
  ☆97Updated last year
• splunk / melting-cobalt
  A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
  ☆162Updated last year