cr0nx / awesome-linux-attack-forensics-purplelabs
This page is a result of the ongoing hands-on research around advanced Linux attacks, detection and forensics techniques and tools.
☆126Updated last year
Related projects ⓘ
Alternatives and complementary repositories for awesome-linux-attack-forensics-purplelabs
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆141Updated 2 months ago
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆110Updated 7 months ago
- Free training course offered at Hack Space Con 2023☆133Updated last year
- ☆130Updated last year
- Active C&C Detector☆150Updated last year
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆105Updated this week
- yara detection rules for hunting with the threathunting-keywords project☆87Updated this week
- PowerShell Script Analyzer☆66Updated last year
- A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates.☆176Updated 3 months ago
- https://lolad-project.github.io/☆63Updated 2 weeks ago
- Completely Risky Active-Directory Simulation Hub☆99Updated last year
- Purpleteam scripts simulation & Detection - trigger events for SOC detections☆158Updated 2 weeks ago
- A collection of tools and detections for the Sliver C2 Frameworj☆109Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆248Updated last year
- Advanced Bash script designed for conducting digital forensics on Linux systems☆130Updated 7 months ago
- A ProcessMonitor visualization application written in rust.☆176Updated last year
- A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…☆98Updated last year
- ShellSweeping the evil.☆142Updated 3 months ago
- A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.☆118Updated 3 weeks ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 6 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 2 months ago
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆146Updated last year
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆169Updated 4 months ago
- God Mode Detection Rules☆131Updated 3 months ago
- ☆36Updated 7 months ago
- An ADCS honeypot to catch attackers in your internal network.☆226Updated 4 months ago
- A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…☆162Updated last week
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆40Updated 2 months ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆232Updated last year