eremit4 / cs-discoveryLinks
Detecting Cobalt Strike Team Servers on targets through traffic telemetry.
☆22Updated 11 months ago
Alternatives and similar repositories for cs-discovery
Users that are interested in cs-discovery are comparing it to the libraries listed below
Sorting:
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆50Updated 3 years ago
- ☆18Updated last year
- Searching .evtx logs for remote connections☆24Updated 2 years ago
- Triaging Windows event logs based on SANS Poster☆39Updated 2 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆37Updated 5 years ago
- Web access logs analyzer - provides an insight on how remote hosts behave☆15Updated 3 years ago
- Method of finding interesting domains using keywords + JARMs☆13Updated 2 years ago
- ☆42Updated 3 years ago
- Repository for archiving Cobalt Strike configuration☆33Updated last week
- Perform Windows domain enumeration via LDAP☆36Updated 3 years ago
- Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077☆34Updated 3 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Updated 2 years ago
- Discord as a C2☆49Updated 4 years ago
- Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic …☆43Updated 3 years ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆24Updated 3 years ago
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆31Updated 2 years ago
- Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized☆16Updated last year
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆64Updated 3 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 3 years ago
- AdHoc solutions☆48Updated last year
- Slides and materials for conference presentations☆11Updated 2 years ago
- Slides for the talk we presented as UniPi at DefCon's Red Team Village☆23Updated 2 years ago
- A repo to house files for our blogposts on blog.nviso.eu☆72Updated 4 months ago
- CIS Benchmark testing of Windows SIEM configuration☆44Updated 2 years ago
- ☆19Updated last year
- Just another useless C2 occupying space in some HDD somewhere.☆20Updated 2 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆54Updated 3 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated last year
- ☆54Updated 7 months ago