Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine
☆22Dec 8, 2024Updated last year
Alternatives and similar repositories for Windows-Threat-Hunting
Users that are interested in Windows-Threat-Hunting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple shellcode injector.☆13Jan 6, 2019Updated 7 years ago
- Multicore EVTX to Elasticsearch ingestor for incident responders.☆14May 12, 2021Updated 4 years ago
- A playground to test various prompt injection techniques and bypasses.☆21Mar 31, 2023Updated 3 years ago
- ☆53Mar 4, 2019Updated 7 years ago
- All in one - Malware + Analysis by Cylance☆11Nov 23, 2018Updated 7 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Lazy SPL to detect Spring4Shell exploitation☆12Jul 8, 2022Updated 3 years ago
- Library of threat hunts to get any user started!☆50Sep 4, 2020Updated 5 years ago
- ☆58Mar 4, 2022Updated 4 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated 2 months ago
- This repo will contain slides and information from the Attacking Active Directory Hacking Series talks presented at SecKC.☆33Jun 26, 2024Updated last year
- AgentTesla botnet C&C RCE exploit.☆16Aug 13, 2019Updated 6 years ago
- Repository resource for threat hunter☆159Sep 14, 2018Updated 7 years ago
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆39Jul 22, 2021Updated 4 years ago
- OWASP Foundation Web Respository☆20Mar 15, 2021Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- evtx2json extracts events of interest from event logs, dedups them, and exports them to json.☆40May 3, 2021Updated 5 years ago
- Github Desktop RCE PoC☆28Dec 4, 2018Updated 7 years ago
- Blind XSS service alerting over slack or email☆29Aug 6, 2019Updated 6 years ago
- A collection of handy and specific tools for the Red Teamer☆11Aug 13, 2024Updated last year
- CVE-2020-8950 AMD User Experience Program Launcher from Radeon Software Privilege Escalation ( FileWrite eop)☆29Apr 23, 2020Updated 6 years ago
- 此项目可用于Firefox,chrome,opera浏览器的登录信息的解密。☆28Jul 24, 2019Updated 6 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Jul 23, 2020Updated 5 years ago
- This is just my personal compilation of APT malware from whitepaper releases, documents and malware samples from my personal research.☆32Jan 28, 2020Updated 6 years ago
- A reasonably performant TF-IDF implementation.☆12Nov 20, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Repository for storage of Axon Rapid Response related queries, scripts and more☆10Jul 22, 2025Updated 9 months ago
- Threat Hunt Investigation Methodology and Procedure☆15Jul 11, 2022Updated 3 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 7 years ago
- This repository contains Splunk queries to hunt some anomalies☆47Jul 28, 2022Updated 3 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- SolarWinds Orion API 远程代码执行漏洞批量检测脚本☆10Jan 5, 2021Updated 5 years ago
- Volatility Framework plugin to detect various types of hooks as performed by banking Trojans☆40Dec 14, 2018Updated 7 years ago
- Playing around with token manipulation in C#.☆29Nov 6, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Detecting ATT&CK techniques & tactics for Linux☆258Oct 1, 2020Updated 5 years ago
- A cheap and easy to build digital Theremin☆10Jan 29, 2026Updated 3 months ago
- ☆27Feb 26, 2016Updated 10 years ago
- ☆12Feb 16, 2017Updated 9 years ago
- Convert batch script to executable with advanced obfuscator. Based on Batch-Obfuscator bat2exe very advanced and very well made.☆15Jan 5, 2022Updated 4 years ago
- A Mixture‑of‑Experts Educational Framework for Adaptive Cybersecurity☆22Feb 8, 2026Updated 3 months ago
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…☆11May 22, 2023Updated 2 years ago