f8al / TA-ShellLinks
Splunk scripted input for opening a backconnect shell on a remote forwarder
☆45Updated 4 years ago
Alternatives and similar repositories for TA-Shell
Users that are interested in TA-Shell are comparing it to the libraries listed below
Sorting:
- ☆32Updated 7 years ago
- This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.☆34Updated 5 years ago
- BloodHound Data Scanner☆45Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Splunk App for MITRE Att&CK Navigator(TM)☆23Updated 4 years ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated last year
- Bro integration with osquery☆15Updated 2 years ago
- Remote Desktop Client Fingerprint script for Zeek. Based off of https://github.com/0x4D31/fatt☆39Updated last year
- Powershell / C# based cross platform forensic framework based for live incident response☆23Updated 4 years ago
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- ☆53Updated 6 years ago
- Tweettioc Splunk App☆20Updated 4 years ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- A CALDERA plugin for ATT&CK Evaluations Round 1☆33Updated last year
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Updated 5 years ago
- Threat Mapping Catalogue☆17Updated 3 years ago
- Old home of LimaCharlie, open source EDR☆30Updated last year
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- Mitre Att&ck Technique Emulation☆82Updated 6 years ago
- OSSEM Modular☆27Updated 4 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- ☆42Updated last year
- Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs☆42Updated 6 years ago
- Compilation of resources to help with Adversary Simulation automation harness☆100Updated 4 years ago
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation☆16Updated 6 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆56Updated 10 months ago