Res260 / conti_202202_leak_procedures
This repository contains procedures found in the Feb 2022 Conti leaks. They were taken from the "manual_teams_c" Rocket.Chat channel in the leak and were posted in that channel on May 10th, 2021.
☆87 · Mar 3, 2022 · Updated 3 years ago
Alternatives and similar repositories for conti_202202_leak_procedures
Users that are interested in conti_202202_leak_procedures are comparing it to the libraries listed below
- ☆21 · May 8, 2022 · Updated 3 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆36 · Jul 11, 2023 · Updated 2 years ago
- Leaked communication of Conti ransomware group from Jan 29, 2021 to Feb 27, 2022 ☆133 · Mar 2, 2022 · Updated 3 years ago
- Indicators of Normality ☆11 · Jul 22, 2022 · Updated 3 years ago
- ☆12 · Jun 3, 2022 · Updated 3 years ago
- A simple tool to inject shellcode into the remote process with the ability to spoof parent process. ☆16 · Mar 18, 2021 · Updated 4 years ago
- C# alternative to the Linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly ☆15 · Jul 15, 2021 · Updated 4 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk. ☆30 · Mar 2, 2021 · Updated 4 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps. ☆24 · May 20, 2023 · Updated 2 years ago
- Python bindings for https://github.com/omerbenamram/mft ☆23 · Dec 23, 2025 · Updated last month
- This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest… ☆18 · Feb 16, 2025 · Updated last year
- ☆33 · Feb 26, 2022 · Updated 3 years ago
- High-level Threat Intelligence playbooks ☆20 · Mar 6, 2021 · Updated 4 years ago
- Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more ☆30 · Nov 26, 2025 · Updated 2 months ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS ☆41 · Oct 25, 2021 · Updated 4 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables. ☆116 · Jan 26, 2022 · Updated 4 years ago
- Sample SecOps scripts and Utilities ☆12 · Jun 19, 2024 · Updated last year
- Forensics artifacts collection ☆21 · Jun 18, 2021 · Updated 4 years ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… ☆23 · Aug 7, 2024 · Updated last year
- Companion PoC for the "Adventures in Dynamic Evasion" blog post ☆130 · May 25, 2021 · Updated 4 years ago
- Parsers for common structures across Windows formats. ☆12 · Aug 23, 2023 · Updated 2 years ago
- Wrapper for TSK (Sleuth Kit) Bindings ☆12 · Jan 10, 2023 · Updated 3 years ago
- Help deobfuscate VBScript ☆18 · Jul 1, 2022 · Updated 3 years ago
- Assess certain AWS network configurations ☆12 · Aug 22, 2018 · Updated 7 years ago
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations" ☆11 · Feb 6, 2025 · Updated last year
- ☆13 · Mar 27, 2021 · Updated 4 years ago
- Avocado is a powerful C2 framework written in Python with stageless implants in Rust. Avocado's implant runs seamlessly on both Linux and… ☆26 · Apr 28, 2023 · Updated 2 years ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses. ☆31 · Nov 6, 2023 · Updated 2 years ago
- ☆24 · Sep 28, 2022 · Updated 3 years ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365 ☆153 · Feb 10, 2023 · Updated 3 years ago
- ☆120 · Jun 17, 2021 · Updated 4 years ago
- A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365 ☆790 · Oct 29, 2022 · Updated 3 years ago
- You can check below blog post on attacks related to Azure storage. ☆13 · Apr 8, 2021 · Updated 4 years ago
- Work in Progress repo ☆15 · Apr 18, 2019 · Updated 6 years ago
- A library for fast parse & import of Windows Master File Table ($MFT) into Elasticsearch. ☆12 · Jun 23, 2025 · Updated 7 months ago
- NTFS Security Descriptor Stream ($Secure:$SDS) parser ☆14 · Jan 9, 2023 · Updated 3 years ago
- A not so awesome list of adversary emulation gems for aspiring red/blue/purple teamers ☆16 · Jul 19, 2022 · Updated 3 years ago
- ☆12 · Jun 16, 2021 · Updated 4 years ago
- Grab unsaved Notepad contents with a Beacon Object File ☆55 · Jun 19, 2022 · Updated 3 years ago