eremit4 / cs-discovery
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
☆21Updated 8 months ago
Alternatives and similar repositories for cs-discovery:
Users that are interested in cs-discovery are comparing it to the libraries listed below
- Searching .evtx logs for remote connections☆23Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆49Updated 3 years ago
- ☆18Updated last year
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 5 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- Log converter from CS log to Ghostwriter CSV☆30Updated 4 years ago
- Slides and materials for conference presentations☆11Updated last year
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆39Updated 3 years ago
- A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware.☆14Updated 3 years ago
- CIS Benchmark testing of Windows SIEM configuration☆44Updated last year
- Method of finding interesting domains using keywords + JARMs☆13Updated 2 years ago
- Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077☆33Updated 3 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- Web access logs analyzer - provides an insight on how remote hosts behave☆15Updated 3 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆54Updated 3 years ago
- ☆42Updated 2 years ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆24Updated 2 years ago
- Red Teaming & Active Directory Cheat Sheet.☆40Updated last year
- A cloud automation system for Red Teams based on Terraform and Ansible☆25Updated 4 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- Lexmark CVE-2023-26067☆25Updated last year
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆62Updated 2 years ago
- An Ansible role to install cobalt-strike☆16Updated 4 years ago
- Continuous kerberoast monitor☆45Updated last year
- ☆22Updated last year
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 2 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Updated 4 years ago
- ☆16Updated 3 years ago