WithSecureLabs / lolcerts
A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
☆349Updated last year
Alternatives and similar repositories for lolcerts:
Users that are interested in lolcerts are comparing it to the libraries listed below
- The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.☆291Updated last year
- Nuke It From Orbit - remove AV/EDR with physical access☆258Updated 4 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆168Updated 2 months ago
- ☆186Updated last year
- Analyse your malware to surgically obfuscate it☆465Updated 2 months ago
- A CIA tradecraft technique to asynchronously detect when a process is created using WMI.☆134Updated last year
- An ADCS honeypot to catch attackers in your internal network.☆285Updated 10 months ago
- A delicious, but malicious SSL-VPN server 🌮☆218Updated 5 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆123Updated 3 months ago
- A repository of credential stealer formats☆210Updated last month
- Retired TrustedSec Capabilities☆247Updated 5 months ago
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer…☆363Updated last year
- FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is de…☆792Updated 2 months ago
- Patching "signtool.exe" to accept expired certificates for code-signing.☆275Updated 9 months ago
- Free training course offered at Hack Space Con 2023☆138Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆335Updated 2 months ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆277Updated 8 months ago
- ☆218Updated 2 months ago
- God Mode Detection Rules☆134Updated 8 months ago
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆160Updated 3 weeks ago
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆375Updated last week
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆149Updated 7 months ago
- A ProcessMonitor visualization application written in rust.☆178Updated last year
- Tools for analyzing EDR agents☆228Updated 10 months ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆173Updated last year
- AV/EDR Evasion Lab for Training & Learning Purposes☆1,237Updated this week
- ☆349Updated last year
- Because AV evasion should be easy.☆705Updated 5 months ago
- Repository of Yara Rules☆110Updated 2 weeks ago
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆185Updated 2 months ago