eremit4 / cs-discovery
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
☆22 Updated 10 months ago
Alternatives and similar repositories for cs-discovery
Users that are interested in cs-discovery are comparing it to the libraries listed below
- ☆18 Updated last year
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement. ☆37 Updated 5 years ago
- Searching .evtx logs for remote connections ☆23 Updated last year
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW" ☆49 Updated 3 years ago
- Triaging Windows event logs based on SANS Poster ☆39 Updated 2 years ago
- Perform Windows domain enumeration via LDAP ☆36 Updated 3 years ago
- CIS Benchmark testing of Windows SIEM configuration ☆44 Updated 2 years ago
- Method of finding interesting domains using keywords + JARMs ☆13 Updated 2 years ago
- ☆22 Updated last year
- Log converter from CS log to Ghostwriter CSV ☆30 Updated 4 years ago
- shellcode obfuscator and runner in golang ☆11 Updated last year
- A collection of notes and rules (Snort/Suricata, Sigma, and YARA) to identify various samples of malware. ☆14 Updated 3 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols. ☆31 Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content ☆42 Updated last year
- Red Teaming & Active Directory Cheat Sheet. ☆40 Updated last year
- Just another useless C2 occupying space in some HDD somewhere. ☆20 Updated last year
- A cloud automation system for Red Teams based on Terraform and Ansible ☆23 Updated 4 years ago
- Slides and materials for conference presentations ☆11 Updated 2 years ago
- Web access logs analyzer - provides an insight on how remote hosts behave ☆15 Updated 3 years ago
- Proof of Concept for WatchGuard Authenticated Arbitrary File Read (CVE-2022-31749) ☆10 Updated 3 years ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem ☆21 Updated last year
- PoC-Malware-TTPs ☆49 Updated 2 years ago
- ☆41 Updated 2 years ago
- PoC ☆12 Updated 2 months ago
- Repository for archiving Cobalt Strike configuration ☆31 Updated last week
- Automation of Active Directory penetration testing tasks on top of BloodHound CE ☆34 Updated last year
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions ☆54 Updated 3 years ago
- (PoC) Tiny Excel BIFF8 Generator, to Embedded 4.0 Macros in xls files without Excel. ☆43 Updated 3 years ago
- ansible roles to download and install empire (BC-Security), deathstar (byt3bl33der) and starkiller (BC-Security) ☆24 Updated 3 years ago
- ☆17 Updated 4 years ago