This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions
☆47Jun 12, 2024Updated 2 years ago
Alternatives and similar repositories for APT29-Adversary-Simulation
Users that are interested in APT29-Adversary-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆38Jun 12, 2024Updated 2 years ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆28Jun 9, 2026Updated last week
- slides for talk given during uscg 2023 combine☆37Sep 6, 2023Updated 2 years ago
- This is a simulation of attack by (Voodoo Bear) APT group targeting entities in Eastern Europe the attack campaign was active as early as…☆11Jun 19, 2024Updated last year
- ☆25Nov 7, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆24Sep 15, 2023Updated 2 years ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆113Jan 12, 2024Updated 2 years ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆32Oct 2, 2025Updated 8 months ago
- Leak NTLM via Website tab in teams via MS Office☆79Mar 28, 2024Updated 2 years ago
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆63May 3, 2024Updated 2 years ago
- This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom …☆1,086Jun 7, 2026Updated last week
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated 2 years ago
- ☆109Oct 29, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆26Mar 12, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- C2 Infrastructure Automation☆119Jun 21, 2025Updated 11 months ago
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated last year
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆97Jul 7, 2025Updated 11 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆109Nov 7, 2025Updated 7 months ago
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated last month
- ☆11Dec 8, 2023Updated 2 years ago
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and …☆138Jun 10, 2026Updated last week
- ☆80Aug 5, 2024Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆15Apr 2, 2026Updated 2 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Examples of various container types for Python and Golang☆17Aug 29, 2025Updated 9 months ago
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆521Jun 9, 2026Updated last week
- Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique…☆111Aug 17, 2024Updated last year
- Reverse-HTTP Redirector via DigitalOcean Apps Platform☆33Aug 16, 2023Updated 2 years ago
- ☆39Mar 28, 2025Updated last year
- An Vulnerability detection and Exploitation tool for CVE-2024-24919☆25Jun 5, 2024Updated 2 years ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆135Dec 24, 2025Updated 5 months ago
- Your Skyfall Infrastructure Pack☆99Jun 2, 2026Updated 2 weeks ago
- A tool to assist DLL hijacking via the Havoc GUI☆14Jan 9, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆194Mar 4, 2024Updated 2 years ago
- ☆266Jul 31, 2024Updated last year
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆54May 5, 2025Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆284Jun 15, 2024Updated 2 years ago
- malware written for educational purposes☆72Dec 31, 2025Updated 5 months ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆441Jul 8, 2024Updated last year