StrangerealIntel / DeltaFlare
☆12Updated 3 years ago
Alternatives and similar repositories for DeltaFlare:
Users that are interested in DeltaFlare are comparing it to the libraries listed below
- Generates YARA rules to detect malware using API hashing☆17Updated 3 years ago
- ☆22Updated 4 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 4 years ago
- Speaking materials from conferences I've given☆9Updated 2 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- This is a repository for the public blog with Labs indicators of compromise.☆10Updated 5 years ago
- D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit☆29Updated 3 months ago
- Threat Mitigation Strategies☆25Updated last year
- ☆13Updated 4 years ago
- A set of tools for collecting forensic information☆26Updated 4 years ago
- ☆33Updated 3 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆31Updated 4 years ago
- Indicators of compromise relating to our report on APT10's targeting of global MSPs☆10Updated 7 years ago
- Python emulator for Excel XLM macros.☆18Updated 4 years ago
- ☆23Updated 4 years ago
- ☆34Updated 2 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆22Updated last year
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆20Updated 2 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- Parser for Sdba memory pool tags☆17Updated 3 years ago
- Set of utilities for getting information about Windows Events☆15Updated 6 years ago
- Light System Examination Toolkit (LISET) - logs & activity & configuration gathering utility that comes handy in fast Windows incident re…☆28Updated 8 years ago
- ☆12Updated 6 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- Streaming Unexpected Network Byte Sequences with High Probability of Blue Screening or Otherwise Crashing Attacker Command-and-Control No…☆22Updated 5 years ago
- A Canary which fires when uninstalled☆34Updated 3 years ago
- Steezy - Ghetto Yara Generation☆15Updated last year
- Script to parse Process Monitor XML log file, and give you a summary report.☆23Updated 8 years ago