StrikeReady-Inc / samples
shared samples from #dailyphish and/or #apt tweets
☆37 Updated last week
Alternatives and similar repositories for samples:
Users that are interested in samples are comparing it to the libraries listed below
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections won't be shared ☆90 Updated last year
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers ☆62 Updated 2 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆51 Updated last year
- Malware Analysis tools ☆25 Updated 6 months ago
- Signature-based detection of malware features based on Windows API call sequences. It's like YARA for sandbox API traces! ☆82 Updated last year
- Create Anti-Copy DRM Malware ☆54 Updated 7 months ago
- Repository for archiving Cobalt Strike configuration ☆29 Updated this week
- Winsocket for Cobalt Strike. ☆97 Updated last year
- Neton is a tool for getting information from Internet connected sandboxes ☆92 Updated 2 years ago
- Abusing SSRF to deliver an authenticated command injection payload ☆28 Updated last week
- PoCs of RCEs against open source C2 servers ☆80 Updated 5 months ago
- Windows Persistence IT-Security ☆90 Updated 2 weeks ago
- CVE-2023-21554 Windows MessageQueuing PoC, analysis at https://www.zoemurmure.top/posts/cve_2023_21554/ ☆56 Updated last year
- POC of GITHUB simple C2 in rust ☆54 Updated 2 months ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe ☆53 Updated last year
- A collection of tools and detections for the Sliver C2 Framework ☆118 Updated last year
- I have documented all of the AMSI patches that I learned till now ☆74 Updated last year
- CVE-2024-30090 - LPE PoC ☆105 Updated 5 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination… ☆141 Updated 8 months ago