cedowens / C2-JARM
A list of JARM hashes for different ssl implementations used by some C2/red team tools.
☆140Updated last year
Alternatives and similar repositories for C2-JARM:
Users that are interested in C2-JARM are comparing it to the libraries listed below
- Active C2 IoCs☆97Updated 2 years ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆165Updated 2 years ago
- Carbon Black TAU Excel 4 Macro Analysis☆40Updated last year
- Cobalt Strike Beacon configuration extractor and parser.☆150Updated 3 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 2 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆168Updated 4 years ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- HoneyCreds network credential injection to detect responder and other network poisoners.☆216Updated 3 years ago
- Valhalla API Client☆68Updated 2 years ago
- ☆44Updated last year
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆65Updated 2 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 3 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆85Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆97Updated 2 months ago
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.☆160Updated last month
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 3 years ago
- ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…☆172Updated 6 months ago
- A repository that maps API calls to Sysmon Event ID's.☆117Updated 2 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated 2 weeks ago
- Simple PowerShell script to enable process scanning with Yara.☆91Updated 2 years ago
- Random hunting ordiented yara rules☆95Updated last year
- ☆86Updated last year
- Detect possible sysmon logging bypasses given a specific configuration☆107Updated 6 years ago
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆137Updated 7 months ago
- Active C&C Detector☆152Updated last year
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆111Updated last year
- IOC Collection 2022☆57Updated 2 years ago
- Automatically create YARA rules from malicious documents.☆210Updated 2 years ago
- Carbon Black Response IR tool☆53Updated 4 years ago