eremit4 / cs-discovery
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
☆20Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for cs-discovery
- Searching .evtx logs for remote connections☆23Updated last year
- ☆18Updated 7 months ago
- Triaging Windows event logs based on SANS Poster☆37Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆46Updated 2 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- CIS Benchmark testing of Windows SIEM configuration☆43Updated last year
- A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware.☆14Updated 3 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆30Updated last year
- Web access logs analyzer - provides an insight on how remote hosts behave☆15Updated 3 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 3 years ago
- A little implant which SSH's back with a shell☆36Updated 2 years ago
- Just another useless C2 occupying space in some HDD somewhere.☆19Updated last year
- ☆21Updated last year
- ☆41Updated 2 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 4 years ago
- An Ansible role for installing Cobalt Strike.☆74Updated 3 months ago
- Repository for archiving Cobalt Strike configuration☆29Updated this week
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆20Updated 2 years ago
- A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.☆39Updated last year
- Kerberos laboratory to better understand and then detecting attack on kerberos☆67Updated 3 years ago
- Method of finding interesting domains using keywords + JARMs☆13Updated last year
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆23Updated 2 years ago
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆37Updated 2 years ago
- Red Teaming & Active Directory Cheat Sheet.☆39Updated last year
- Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082☆25Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- Log converter from CS log to Ghostwriter CSV☆29Updated 4 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated last year