Cobalt Strike log state tracking, parsing, and storage
☆24Jul 18, 2019Updated 6 years ago
Alternatives and similar repositories for cslogwatch
Users that are interested in cslogwatch are comparing it to the libraries listed below
Sorting:
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 7 years ago
- Port of Invoke-Excel4DCOM☆104Oct 12, 2019Updated 6 years ago
- JXA script to allow programmatic persistence via macOS Calendar.app alerts.☆44Oct 31, 2020Updated 5 years ago
- A Swift port of some of the original PersistentJXA projects by D00MFist. Original PersistentJXA repo: https://github.com/D00MFist/Persist…☆34Apr 15, 2021Updated 4 years ago
- Apfell POC Chrome Extension Payload☆10Jun 24, 2020Updated 5 years ago
- A tool to sync mythic events with ghostwriter oplog.☆14Nov 21, 2024Updated last year
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 3 years ago
- Various C# projects for offensive security☆111Nov 14, 2019Updated 6 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆15Dec 3, 2020Updated 5 years ago
- Example VBA Macro for MacOS Mojave☆67Oct 31, 2018Updated 7 years ago
- Splunk Dashboard for CobaltStrike logs☆90Mar 16, 2021Updated 4 years ago
- ☆34Apr 5, 2017Updated 8 years ago
- .NET tool for enumeration processes and dumping memory.☆57Apr 4, 2019Updated 6 years ago
- Python api for usage with cobalt strike's External C2 specification☆72Feb 15, 2018Updated 8 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- SharpTask is a simple code set to interact with the Task Scheduler service api and is compatible with Cobalt Strike.☆93Feb 15, 2021Updated 5 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆31Dec 19, 2017Updated 8 years ago
- Catalog Red Team techniques that cause popups in various macOS versions☆15Nov 18, 2024Updated last year
- PE File Blessing - To continue or not to continue☆87Nov 23, 2019Updated 6 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆31Nov 25, 2019Updated 6 years ago
- Initial Commit of Coresploit☆57Oct 12, 2021Updated 4 years ago
- Cobalt Strike Aggressor extension for Visual Studio Code☆138Jun 20, 2024Updated last year
- CVE-2018-15982_PoC☆14Nov 6, 2019Updated 6 years ago
- Tool to acquire netNTLM hashes on a local machine wihtout network traffic☆13May 18, 2018Updated 7 years ago
- Simple DLL injector written in C#☆24Sep 28, 2015Updated 10 years ago
- Auto-generate an HTaccess for payload delivery -- automatically pulls ips/nets/etc from known sandbox companies/sources that have been se…☆170Aug 10, 2020Updated 5 years ago
- Library of traffic redirectors☆26Apr 7, 2020Updated 5 years ago
- Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.☆177Sep 18, 2018Updated 7 years ago
- Zoom Persistence Aggressor and Handler☆55Mar 24, 2021Updated 4 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- Ps-Tools, an advanced process monitoring toolkit for offensive operations☆355Dec 1, 2020Updated 5 years ago
- Copy cat model for Proofpoint☆91Apr 30, 2020Updated 5 years ago
- JXA situational awareness helper by simply reading specific files on a filesystem☆82Feb 17, 2026Updated last week
- pyForgeCert is a Python equivalent of the ForgeCert.☆69Aug 15, 2023Updated 2 years ago
- A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.☆62Jun 2, 2018Updated 7 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆104Dec 19, 2017Updated 8 years ago
- when pass change ,send the pass to remote host☆20Jan 19, 2020Updated 6 years ago
- A simple exploit for Apache Struts RCE S2-057 (CVE-2018-11776)☆16Aug 29, 2018Updated 7 years ago