Detect webshells dropped on Microsoft Exchange servers exploited through the "proxylogon" group of vulnerabilities (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
★ 99 · Mar 16, 2021 · Updated 5 years ago
Alternatives and similar repositories for exchange_webshell_detection
Users that are interested in exchange_webshell_detection are comparing it to the libraries listed below.
- A small PowerShell tool for finding information quickly on malicious IPs or FQDNs. PowerShell threat hunting. ★ 11 · Jan 9, 2020 · Updated 6 years ago
- A scanner to detect the use of stolen FireEye red team tools ★ 20 · Dec 18, 2020 · Updated 5 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments ★ 65 · Jan 31, 2022 · Updated 4 years ago
- ★ 191 · Nov 19, 2025 · Updated 6 months ago
- Deletes old versions of OWA and ECP versions of Exchange Server ★ 13 · Dec 7, 2021 · Updated 4 years ago
- Exploit and detect tools for CVE-2020-0688 ★ 354 · Mar 21, 2020 · Updated 6 years ago
- Detection Ideas & Rules repository. ★ 178 · Sep 10, 2021 · Updated 4 years ago
- ★ 22 · Oct 22, 2019 · Updated 6 years ago
- CVE-2024-23897 jenkins-cli ★ 15 · Jan 27, 2024 · Updated 2 years ago
- incident response scripts ★ 18 · Mar 4, 2019 · Updated 7 years ago
- Conti V3 source code updated ★ 11 · Jun 30, 2022 · Updated 3 years ago
- AntSword plugin for probing outbound network connectivity ★ 22 · Jul 6, 2022 · Updated 3 years ago
- Exchange Server support tools and scripts ★ 1,284 · Updated this week
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll ★ 63 · Apr 18, 2019 · Updated 7 years ago
- Malware similarity platform with modularity in mind. ★ 80 · Jul 18, 2021 · Updated 4 years ago
- Post exploitation tool for configuration management servers. ★ 77 · Jan 29, 2026 · Updated 4 months ago
- ★ 71 · Feb 15, 2021 · Updated 5 years ago
- C code to enable ETW tracing for Dotnet Assemblies ★ 32 · Aug 12, 2022 · Updated 3 years ago
- A collection of tools adversaries commonly use in an attack. ★ 15 · Nov 23, 2024 · Updated last year
- Mitigation validation utility for the Ivanti Connect Around attack chain. Runs multiple checks. CVE-2023-46805, CVE-2024-21887. ★ 12 · Feb 3, 2024 · Updated 2 years ago
- UAC bypass (BypassUAC) based on registry hijacking ★ 28 · Dec 16, 2020 · Updated 5 years ago
- ★ 647 · Jun 6, 2023 · Updated 3 years ago
- DeepToad is a library and a tool to clusterize similar files using fuzzy hashing ★ 20 · Apr 5, 2020 · Updated 6 years ago
- Script samples from the book Pentesting Azure Applications (2018, No Starch Press) ★ 88 · Jan 31, 2019 · Updated 7 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in… ★ 270 · Mar 18, 2021 · Updated 5 years ago
- Dump stuff without touching disk ★ 165 · Oct 29, 2020 · Updated 5 years ago
- Polyglot detector ★ 25 · Jun 5, 2025 · Updated last year
- Simple YARA rule manager ★ 67 · Dec 27, 2022 · Updated 3 years ago
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing ★ 42 · May 18, 2026 · Updated 3 weeks ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper. ★ 118 · Nov 28, 2023 · Updated 2 years ago
- ★ 13 · Feb 6, 2018 · Updated 8 years ago
- DFIRTrack - The Incident Response Tracking Application ★ 535 · Jan 13, 2026 · Updated 4 months ago
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR ★ 260 · Oct 29, 2025 · Updated 7 months ago
- Ansible scripts to build an attack box ★ 24 · Sep 24, 2018 · Updated 7 years ago
- ★ 28 · Mar 29, 2022 · Updated 4 years ago
- Collection of videos of Raids on Cybercriminals ★ 22 · Mar 19, 2025 · Updated last year
- Convert Empire profiles to Apache mod_rewrite scripts ★ 29 · Sep 17, 2019 · Updated 6 years ago
- Explore Indicators of Compromise Automatically ★ 97 · Feb 27, 2020 · Updated 6 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities. ★ 58 · Aug 6, 2020 · Updated 5 years ago