darkquasar / WMI_PersistenceLinks
A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics
☆87Updated 7 years ago
Alternatives and similar repositories for WMI_Persistence
Users that are interested in WMI_Persistence are comparing it to the libraries listed below
Sorting:
- An offensive Powershell console☆30Updated 9 years ago
- ☆52Updated 6 years ago
- Talk given at DerbyCon and RuxCon 2016☆22Updated 8 years ago
- Useful Threat Hunting Stuff☆32Updated 4 years ago
- ☆59Updated 6 years ago
- ☆97Updated 9 years ago
- ☆114Updated 8 years ago
- Powershell Persistence Locator☆66Updated 8 years ago
- Open Source Office Malware Generation & Polymorphic Engine for Red Teams and QA testing☆95Updated 8 years ago
- ☆17Updated 9 years ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- ☆108Updated 8 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆49Updated 6 years ago
- Basic demo for Hidden Treasure talk.☆49Updated 7 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 9 years ago
- All materials from our Black Hat 2018 "Subverting Sysmon" talk☆135Updated 7 years ago
- Proof of concept VBA code to add to Normal.dot to put restrictions on Word☆41Updated 8 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆104Updated 8 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- Executes PowerShell from an unmanaged process☆29Updated 10 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆38Updated 7 years ago
- Offensive Data Storage☆60Updated 8 years ago
- ☆19Updated 8 years ago
- IR-Tools - PowerShell tools for IR☆130Updated 8 years ago
- A sample bot for Cobalt Strike 3☆22Updated 9 years ago
- NCC Group Ransomware Simulator☆69Updated 9 years ago
- Sandbox feature upgrade with the help of wrapped samples☆76Updated 7 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)☆105Updated 4 years ago
- ☆53Updated 10 years ago