cabve / CbRLinks
Queries for Carbon Black Response
☆11Updated 5 years ago
Alternatives and similar repositories for CbR
Users that are interested in CbR are comparing it to the libraries listed below
Sorting:
- Active C2 IoCs☆99Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 3 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated 10 months ago
- Carbon Black Response IR tool☆54Updated 4 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆126Updated 3 years ago
- ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…☆176Updated last month
- ☆28Updated 4 years ago
- ☆70Updated 4 years ago
- Rhaegal is a tool written in Python 3 used to scan Windows Event Logs for suspicious logs. Rhaegal uses custom rule format to detect sus…☆41Updated 2 years ago
- Links to malware-related YARA rules☆15Updated 3 years ago
- Triaging Windows event logs based on SANS Poster☆41Updated last month
- My conference presentations☆85Updated 3 weeks ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 3 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆87Updated 3 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆157Updated 4 years ago
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆114Updated 2 years ago
- Picus Labs☆44Updated 4 years ago
- This batch script file wants to check your EDR systems detection and response capabilities in a more noisy way!☆11Updated 5 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆144Updated 2 years ago
- IOC Collection 2022☆57Updated 2 years ago
- ☆38Updated 3 years ago
- Linux Evidence Acquisition Framework☆118Updated last year
- ☆88Updated 2 months ago
- A repository of Sysmon For Linux configuration modules☆15Updated 4 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆104Updated 2 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆84Updated 3 months ago
- ☆44Updated 3 months ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆154Updated 3 years ago
- Blueteam operational triage registry hunting/forensic tool.☆150Updated last month