Sh3lldor / PVT

Related projects: ⓘ

• Immersive-Labs-Sec / msrc-api
  A collection of tools to interact with Microsoft Security Response Center API
  ☆95Updated 8 months ago
• bananabr / TimeException
  A tool to find folders excluded from AV real-time scanning using a time oracle
  ☆230Updated 7 months ago
• deepinstinct / NoFilter
  ☆290Updated last year
• jsecurity101 / MSRPC-to-ATTACK
  A repository that maps commonly used attacks using MSRPC protocols to ATT&CK
  ☆305Updated last year
• ahhh / Cybersecurity-Tradecraft
  A repo to support the book
  ☆103Updated 3 years ago
• xforcered / WFH
  ☆180Updated 2 years ago
• jsecurity101 / TelemetrySource
  ☆214Updated 4 months ago
• forensicxlab / VISION-ProcMon
  A ProcessMonitor visualization application written in rust.
  ☆175Updated last year
• strozfriedberg / cobaltstrike-config-extractor
  Cobalt Strike Beacon configuration extractor and parser.
  ☆142Updated 3 years ago
• evild3ad / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆216Updated 6 months ago
• SafeBreach-Labs / DoubleDrive
  A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
  ☆121Updated 3 months ago
• xorhex / mlget
  A golang CLI tool to download malware from a variety of sources.
  ☆139Updated 7 months ago
• Allevon412 / TeamsImplant
  ☆200Updated 2 years ago
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆334Updated this week
• fox-it / dissect.cobaltstrike
  Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
  ☆145Updated 8 months ago
• fox-it / dissect.target
  The Dissect module tying all other Dissect modules together. It provides a programming API and command line tools which allow easy access…
  ☆41Updated this week
• Neo23x0 / YARA-Performance-Guidelines
  A guide on how to write fast and memory friendly YARA rules
  ☆123Updated last year
• Res260 / conti_202202_leak_procedures
  This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in th…
  ☆87Updated 2 years ago
• SentineLabs / SentinelLabs_RevCore_Tools
  The Windows Malware Analysis Reversing Core Tools
  ☆88Updated 3 years ago
• claroty / arya
  Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
  ☆238Updated last year
• StrangerealIntel / Orion
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆136Updated 10 months ago
• CoolerVoid / Vision2
  ☆189Updated this week
• blueteam0ps / memOptix
  A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.
  ☆94Updated last year
• mandiant / VM-Packages
  Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
  ☆138Updated this week
• gtworek / VolatileDataCollector
  ☆168Updated 8 months ago
• 100DaysofYARA / 2024
  Rules shared by the community from 100 Days of YARA 2024
  ☆75Updated 5 months ago
• ACE-Responder / RogueSliver
  A suite of tools to disrupt campaigns using the Sliver C2 framework.
  ☆245Updated last year
• c3rb3ru5d3d53c / mwcfg
  A Feature Rich Modular Malware Configuration Extraction Utility for MalDuck
  ☆125Updated 9 months ago
• mandiant / Vulnerability-Disclosures
  ☆183Updated 2 weeks ago
• shell-dot / tuoni
  Tuoni
  ☆47Updated this week