eric-conrad / c2-talk

Related projects: ⓘ

• S3N4T0R-0X0 / APT28-Adversary-Simulation
  This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe
  ☆27Updated 3 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆79Updated 2 months ago
• malcomvetter / fake-ransomware
  ☆51Updated this week
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆64Updated 2 weeks ago
• SadProcessor / BloodHoundOperator
  BloodHound PowerShell client
  ☆43Updated this week
• Hacker-Hermanos / C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
  C2 Infrastructure Automation
  ☆82Updated last month
• BC-SECURITY / ScriptBlock-Smuggling
  Example code samples from our ScriptBlock Smuggling Blog post
  ☆80Updated 3 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆55Updated last year
• TierZeroSecurity / edr_blocker
  Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…
  ☆136Updated last month
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated 2 months ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆94Updated 6 months ago
• jaredcatkinson / MalwareMorphology
  ☆74Updated 3 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆117Updated 10 months ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 4 months ago
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆139Updated 4 months ago
• nixpal / shellsilo
  SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…
  ☆81Updated 2 weeks ago
• StrangerealIntel / Shadow-Pulse
  information about ransomware groups (Ransomware Analysis Notes)
  ☆36Updated 8 months ago
• truerustyy / wcreddump
  Fully automated windows credentials dumper, from SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine wit…
  ☆66Updated 3 months ago
• 0xBienCuit / InfraRed-AWS
  ☆48Updated 2 weeks ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆68Updated 6 months ago
• RedTeamOperations / Red-Infra-Craft
  RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…
  ☆47Updated 3 weeks ago
• JitBox / SSHniffer
  ☆35Updated 9 months ago
• infosecn1nja / VeilTransfer
  VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …
  ☆91Updated 3 weeks ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆50Updated 4 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆104Updated 4 months ago
• CyberSecurityUP / Windows-API-for-Red-Team
  ☆48Updated 5 months ago
• 0xNslabs / CanaryTokenScanner
  Script designed to identify CanaryTokens within Microsoft Office documents and Acrobat Reader PDF (docx, xlsx, pptx, pdf).
  ☆106Updated 7 months ago
• georgesotiriadis / MalwareDev
  ☆82Updated 2 years ago
• huntandhackett / PassiveAggression
  Source code and examples for PassiveAggression
  ☆54Updated 3 months ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆131Updated last month