This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions
☆47Jun 12, 2024Updated last year
Alternatives and similar repositories for APT29-Adversary-Simulation
Users that are interested in APT29-Adversary-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆38Jun 12, 2024Updated last year
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆28Updated this week
- slides for talk given during uscg 2023 combine☆38Sep 6, 2023Updated 2 years ago
- This is a simulation of attack by (Voodoo Bear) APT group targeting entities in Eastern Europe the attack campaign was active as early as…☆11Jun 19, 2024Updated last year
- ☆26Nov 7, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆23Sep 15, 2023Updated 2 years ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆113Jan 12, 2024Updated 2 years ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆32Oct 2, 2025Updated 7 months ago
- Leak NTLM via Website tab in teams via MS Office☆79Mar 28, 2024Updated 2 years ago
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and …☆104Apr 29, 2026Updated last week
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆63May 3, 2024Updated 2 years ago
- This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom …☆1,075Apr 27, 2026Updated last week
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated last year
- ☆109Oct 29, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- NIST Cybersecurity Framework (CSF) Profile Assessment Tool - Track controls, assign ownership, document findings, score security states, …☆34Updated this week
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- C2 Infrastructure Automation☆119Jun 21, 2025Updated 10 months ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated last year
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆95Jul 7, 2025Updated 10 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 6 months ago
- Notion C2 Profile for Mythic☆45Apr 30, 2026Updated last week
- ☆11Dec 8, 2023Updated 2 years ago
- ☆79Aug 5, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Apr 2, 2026Updated last month
- Examples of various container types for Python and Golang☆16Aug 29, 2025Updated 8 months ago
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆519Aug 14, 2025Updated 8 months ago
- Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique…☆111Aug 17, 2024Updated last year
- Reverse-HTTP Redirector via DigitalOcean Apps Platform☆33Aug 16, 2023Updated 2 years ago
- ☆39Mar 28, 2025Updated last year
- An Vulnerability detection and Exploitation tool for CVE-2024-24919☆25Jun 5, 2024Updated last year
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆132Dec 24, 2025Updated 4 months ago
- Your Skyfall Infrastructure Pack☆99Apr 10, 2026Updated 3 weeks ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆192Mar 4, 2024Updated 2 years ago
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- ☆262Jul 31, 2024Updated last year
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆53May 5, 2025Updated last year
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆441Jul 8, 2024Updated last year
- malware written for educational purposes☆72Dec 31, 2025Updated 4 months ago