bradleyjkemp / threathunting
Assorted, MIT licensed, threat hunting rules from @bradleyjkemp
☆12Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for threathunting
- Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f…☆16Updated 3 years ago
- Helpful operator notes and techniques in actionable form☆16Updated last year
- JXA script for Mythic that prints the TCC.db☆15Updated 3 years ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk☆47Updated 4 years ago
- Automated deployment and configuration of a Mythic server using Terraform and Ansible☆9Updated last year
- Easily serve HTTP and DNS keys for proper payload protection☆60Updated 6 years ago
- ☆17Updated 5 years ago
- Some Hashcat Rules for 2020 and beyond. Contributions encouraged!☆24Updated 2 years ago
- ☆10Updated 4 years ago
- Forked and updated with some additional features over the original☆16Updated 3 years ago
- A Catalog of Application Whitelisting Bypass Techniques☆11Updated 7 years ago
- Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...☆27Updated last year
- Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.☆44Updated 7 years ago
- ☆15Updated 2 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆13Updated 2 years ago
- pypykatz plugin for volatility3 framework☆31Updated 7 months ago
- Cobalt Strike log state tracking, parsing, and storage☆22Updated 5 years ago
- Walking the PEB in VBA☆22Updated 4 years ago
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆44Updated 3 years ago
- ☆37Updated 6 years ago
- Scripts to help hunt for possible golden/silver TGT tickets☆16Updated 7 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29Updated 6 years ago
- A companion tool for BloodHound offering Active Directory statistics and number crunching☆64Updated 6 years ago
- ☆26Updated 6 years ago
- Catalog Red Team techniques that cause popups in various macOS versions☆14Updated this week
- Automation Engine using the Covenant API and lua scripting☆24Updated last year
- ☆55Updated 4 years ago
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆17Updated 3 years ago
- Ansible role that Installs Mythic☆14Updated 5 months ago