SentineLabs / TrickBot-Anchor

Related projects ⓘ

Alternatives and complementary repositories for TrickBot-Anchor

• 2igosha / sunburst_dga
  ☆22Updated 3 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• SentineLabs / PowerTrick
  This is a repository for the public blog with Labs indicators of compromise and code
  ☆18Updated 4 years ago
• Hestat / intel-sharing
  Repository of Information sharing on threats and indicators
  ☆12Updated 4 years ago
• PwCUK-CTO / OperationCloudHopper
  Indicators of compromise relating to our report on APT10's targeting of global MSPs
  ☆10Updated 7 years ago
• caschnee / misp-use-cases
  ☆14Updated 6 years ago
• mgeeky / LISET
  Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…
  ☆27Updated 8 years ago
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 5 years ago
• OTRF / bloodhound-notebooks
  Notebooks created to attack and secure Active Directory environments
  ☆27Updated 5 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 4 years ago
• colincowie / viper-plugins
  Plugins for the Viper Framework
  ☆14Updated 5 years ago
• PwnDexter / FindFrontableDomains
  Forked and updated with some additional features over the original
  ☆16Updated 3 years ago
• aaronst / talks
  Presentation materials for talks I've given.
  ☆20Updated 5 years ago
• woanware / reg-entropy-scanner
  Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles…
  ☆11Updated 5 years ago
• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆14Updated 4 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆33Updated 2 years ago
• JimmyAstle / Atomic-Parser
  Python parser for Red Canary's Atomic Red Team Yamls
  ☆27Updated 5 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• schrodyn / steezy
  Steezy - Ghetto Yara Generation
  ☆15Updated last year
• jymcheong / aptc
  Automated Payload Test Controller
  ☆9Updated 7 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• WithSecureLabs / RemotePSpy
  RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShel…
  ☆18Updated 4 years ago
• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆21Updated this week
• r4wd3r / ADPWN
  Useful Windows and AD tools
  ☆15Updated 2 years ago
• rvrsh3ll / CrypoCurrencyPowerShell
  ☆30Updated 6 years ago
• CptOfEvilMinions / ThreatHuntingEQLandBro
  Threat hunting with EQL and Bro. This repo contains modifications to EQL and EQLLib to use BRO logs.
  ☆8Updated 5 years ago
• blacklotuslabs / Research
  The mission of Black Lotus Labs is to leverage our network visibility to both help protect customers and keep the internet clean.
  ☆11Updated 3 years ago
• automate-tim / conference-materials
  Speaking materials from conferences I've given
  ☆9Updated 2 years ago
• intezer / ost-map
  ☆20Updated 4 years ago