carbonblack / excel4-testsLinks
Carbon Black TAU Excel 4 Macro Analysis
☆43Updated last year
Alternatives and similar repositories for excel4-tests
Users that are interested in excel4-tests are comparing it to the libraries listed below
Sorting:
- Active Directory Purple Team Playbook☆110Updated 2 years ago
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- A collection of Powershell scripts that will help automate the build process for a Marvel domain.☆148Updated last year
- My conference presentations☆82Updated 3 weeks ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆68Updated 3 weeks ago
- Fraktal's Ransomware Emulator☆102Updated last year
- A home for detection content developed by the delivr.to team☆70Updated 2 weeks ago
- Blueteam operational triage registry hunting/forensic tool.☆149Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆169Updated 2 years ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆135Updated last year
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- GoldenSAML Attack Libraries and Framework☆73Updated last year
- Community Tasks/Plans for PlumHound Queueing☆23Updated 2 years ago
- ShellSweeping the evil.☆53Updated last year
- Active C&C Detector☆156Updated last year
- ☆88Updated last month
- Automated detection rule analysis utility☆29Updated 2 years ago
- Threat Simulation Indexes☆38Updated 3 months ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆94Updated 3 years ago
- A repository that maps API calls to Sysmon Event ID's.☆122Updated 2 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆104Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content☆88Updated 2 years ago
- Active C2 IoCs☆99Updated 2 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆85Updated 2 months ago
- ☆27Updated 4 years ago
- YARA rule analyzer to improve rule quality and performance☆103Updated 4 months ago
- This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in th…☆87Updated 3 years ago