Detect webshells dropped on Microsoft Exchange servers exploited through the "proxylogon" group of vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
☆99 · Mar 16, 2021 · Updated 5 years ago
Alternatives and similar repositories for exchange_webshell_detection
Users that are interested in exchange_webshell_detection are comparing it to the libraries listed below.
- 🇦🇬 A small PowerShell tool for finding information quickly on malicious IPs or FQDNs. PowerShell threat hunting. ☆11 · Jan 9, 2020 · Updated 6 years ago
- A scanner to detect the use of stolen FireEye red team tools ☆20 · Dec 18, 2020 · Updated 5 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments ☆65 · Jan 31, 2022 · Updated 4 years ago
- ☆192 · Nov 19, 2025 · Updated 7 months ago
- Deletes old versions of OWA and ECP versions of Exchange Server ☆13 · Dec 7, 2021 · Updated 4 years ago
- Exploit and detect tools for CVE-2020-0688 ☆354 · Mar 21, 2020 · Updated 6 years ago
- Detection Ideas & Rules repository. ☆179 · Sep 10, 2021 · Updated 4 years ago
- ☆22 · Oct 22, 2019 · Updated 6 years ago
- CVE-2024-23897 jenkins-cli ☆15 · Jan 27, 2024 · Updated 2 years ago
- incident response scripts ☆18 · Mar 4, 2019 · Updated 7 years ago
- Conti V3 source code updated ☆11 · Jun 30, 2022 · Updated 4 years ago
- AntSword outbound network connectivity detection plugin ☆22 · Jul 6, 2022 · Updated 3 years ago
- Exchange Server support tools and scripts ☆1,283 · Jun 19, 2026 · Updated last week
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll ☆63 · Apr 18, 2019 · Updated 7 years ago
- Malware similarity platform with modularity in mind. ☆80 · Jul 18, 2021 · Updated 4 years ago
- Post exploitation tool for configuration management servers. ☆77 · Jan 29, 2026 · Updated 5 months ago
- ☆71 · Feb 15, 2021 · Updated 5 years ago
- C code to enable ETW tracing for Dotnet Assemblies ☆33 · Aug 12, 2022 · Updated 3 years ago
- A collection of tools adversaries commonly use in an attack. ☆15 · Nov 23, 2024 · Updated last year
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887. ☆12 · Feb 3, 2024 · Updated 2 years ago
- BypassUAC based on registry hijacking ☆28 · Dec 16, 2020 · Updated 5 years ago
- ☆648 · Jun 6, 2023 · Updated 3 years ago
- DeepToad is a library and a tool to clusterize similar files using fuzzy hashing ☆20 · Apr 5, 2020 · Updated 6 years ago
- Script samples from the book Pentesting Azure Applications (2018, No Starch Press) ☆88 · Jan 31, 2019 · Updated 7 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in… ☆271 · Mar 18, 2021 · Updated 5 years ago
- Dump stuff without touching disk ☆165 · Oct 29, 2020 · Updated 5 years ago
- Simple yara rule manager ☆67 · Dec 27, 2022 · Updated 3 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing ☆42 · May 18, 2026 · Updated last month
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper. ☆118 · Nov 28, 2023 · Updated 2 years ago
- ☆13 · Feb 6, 2018 · Updated 8 years ago
- DFIRTrack - The Incident Response Tracking Application ☆536 · Jan 13, 2026 · Updated 5 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ☆262 · Oct 29, 2025 · Updated 8 months ago
- Ansible scripts to build an attack box ☆24 · Sep 24, 2018 · Updated 7 years ago
- ☆28 · Mar 29, 2022 · Updated 4 years ago
- Collection of videos of Raids on Cybercriminals ☆22 · Mar 19, 2025 · Updated last year
- Convert Empire profiles to Apache mod_rewrite scripts ☆29 · Sep 17, 2019 · Updated 6 years ago
- Explore Indicators of Compromise Automatically ☆97 · Feb 27, 2020 · Updated 6 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities. ☆58 · Aug 6, 2020 · Updated 5 years ago
- Documentation and supporting script sample for Windows Exploit Guard ☆168 · Sep 8, 2025 · Updated 9 months ago