Nmap Script to scan for Winnti infections
☆71May 22, 2018Updated 7 years ago
Alternatives and similar repositories for winnti-nmap-script
Users that are interested in winnti-nmap-script are comparing it to the libraries listed below
Sorting:
- Network detector for Winnti malware☆21Mar 6, 2018Updated 8 years ago
- Suricata rules to detect Winnti communication☆16Mar 5, 2018Updated 8 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆55Jul 10, 2024Updated last year
- Please see other maintained fork:☆17Dec 4, 2025Updated 3 months ago
- Trace ScriptBlock execution for powershell v2☆40Jan 14, 2020Updated 6 years ago
- Scripts and rulesets for analysing the Winnti malware☆24Jul 24, 2019Updated 6 years ago
- ☆12May 22, 2018Updated 7 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆40Dec 20, 2016Updated 9 years ago
- Scanner for Zyxel products which are potentially vulnerable due to an undocumented user account (CVE-2020-29583)☆16Jan 4, 2021Updated 5 years ago
- ☆22Dec 22, 2020Updated 5 years ago
- Homographs: brutefind homographs within a font☆19Apr 21, 2017Updated 8 years ago
- Random tips and tricks RE: ransomware☆14Aug 17, 2021Updated 4 years ago
- Repository with selected IOCs and YARA rules for threat hunting.☆35May 21, 2025Updated 10 months ago
- A Catalog of Application Whitelisting Bypass Techniques☆11Jul 14, 2017Updated 8 years ago
- ☆38Jul 3, 2020Updated 5 years ago
- advanced code generator for John the Ripper☆13May 6, 2018Updated 7 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 weeks ago
- multiduplicut : optimize wordlists-based password cracking methods chaining☆16Feb 25, 2022Updated 4 years ago
- AutoIt script that attempts to fully automate the process of playing texas-holdem poker.☆12Jun 5, 2021Updated 4 years ago
- Burp Suite Pro extension☆11May 26, 2017Updated 8 years ago
- first commit☆23Feb 16, 2026Updated last month
- Resources, articles, thoughts, datasets, papers on TI tradecraft☆11Aug 24, 2018Updated 7 years ago
- Abusing SketchUp to make persistence on Windows☆21Mar 26, 2019Updated 6 years ago
- A medium interaction printer honeypot 🍯☆203Jul 9, 2023Updated 2 years ago
- ☆12Feb 24, 2023Updated 3 years ago
- GNU/Linux version of the https://github.com/inquisb/icmpsh slave☆22Feb 11, 2020Updated 6 years ago
- A YARA Rule Performance Measurement Tool☆61Feb 26, 2024Updated 2 years ago
- Monitoring 'DNS' inside the Tor network☆93Nov 21, 2016Updated 9 years ago
- Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog☆13Dec 12, 2019Updated 6 years ago
- Microsoft Windows HTA (HTML Application) - Remote Code Execution☆30Aug 21, 2015Updated 10 years ago
- A script to test an RDP host for sticky keys and utilman backdoor.☆263Sep 12, 2016Updated 9 years ago
- ☆25Jun 5, 2023Updated 2 years ago
- IoC's, PCRE's, YARA's etc☆23Mar 25, 2025Updated 11 months ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…☆35Feb 27, 2019Updated 7 years ago
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆46Nov 22, 2017Updated 8 years ago
- ☆16Sep 26, 2016Updated 9 years ago
- Python client and module for Vulnerability-Lookup.☆14Dec 9, 2025Updated 3 months ago
- Scanner for CVE-2020-0796 - A SMBv3.1.1 + SMB compression RCE☆58Mar 13, 2020Updated 6 years ago
- A testing framework for mail security and filtering solutions.☆245Jul 24, 2023Updated 2 years ago