This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions
☆47Jun 12, 2024Updated 2 years ago
Alternatives and similar repositories for APT29-Adversary-Simulation
Users that are interested in APT29-Adversary-Simulation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe☆38Jun 12, 2024Updated 2 years ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆28Jun 30, 2026Updated last week
- slides for talk given during uscg 2023 combine☆37Sep 6, 2023Updated 2 years ago
- This is a simulation of attack by (Voodoo Bear) APT group targeting entities in Eastern Europe the attack campaign was active as early as…☆11Jun 19, 2024Updated 2 years ago
- ☆25Nov 7, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆24Sep 15, 2023Updated 2 years ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆114Jan 12, 2024Updated 2 years ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆33Oct 2, 2025Updated 9 months ago
- Leak NTLM via Website tab in teams via MS Office☆79Mar 28, 2024Updated 2 years ago
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆63May 3, 2024Updated 2 years ago
- This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom …☆1,090Jul 1, 2026Updated last week
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32May 30, 2024Updated 2 years ago
- ☆109Oct 29, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆26Mar 12, 2025Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- C2 Infrastructure Automation☆120Jun 21, 2025Updated last year
- A public repository of MITRE ATT&ACK TTP mappings by BushidoUK for OSINT reports that lack a section breaking down the TTPs.☆27Mar 20, 2025Updated last year
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆96Jul 7, 2025Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆108Nov 7, 2025Updated 8 months ago
- Notion C2 Profile for Mythic☆46Apr 30, 2026Updated 2 months ago
- ☆11Dec 8, 2023Updated 2 years ago
- PolyEngine is an evasive PE packer designed for CTF challenges and low-level Windows security education. It focuses on bypassing EDR and …☆145Jun 10, 2026Updated 3 weeks ago
- NIST Cybersecurity Framework (CSF) Profile Assessment Tool - Track controls, assign ownership, document findings, score security states, …☆45Updated this week
- ☆80Aug 5, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Apr 2, 2026Updated 3 months ago
- Examples of various container types for Python and Golang☆17Aug 29, 2025Updated 10 months ago
- Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of…☆522Jun 9, 2026Updated last month
- Reverse-HTTP Redirector via DigitalOcean Apps Platform☆33Aug 16, 2023Updated 2 years ago
- ☆39Mar 28, 2025Updated last year
- An Vulnerability detection and Exploitation tool for CVE-2024-24919☆25Jun 5, 2024Updated 2 years ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆135Dec 24, 2025Updated 6 months ago
- Your Skyfall Infrastructure Pack☆99Jul 1, 2026Updated last week
- A tool to assist DLL hijacking via the Havoc GUI☆14Jan 9, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆194Mar 4, 2024Updated 2 years ago
- serverless url-shortener☆12Aug 25, 2024Updated last year
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- ☆270Jul 31, 2024Updated last year
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆54May 5, 2025Updated last year
- malware written for educational purposes☆72Dec 31, 2025Updated 6 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆285Jun 15, 2024Updated 2 years ago