fulmetalpackets / protohacking
This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021.
☆33Updated 2 years ago
Related projects: ⓘ
- labs_modern_malware_c2 Originally supporting Defcon workshop, will morph into Attack Defend for C2.☆18Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆29Updated 2 months ago
- Yara Rules for Modern Malware☆68Updated 6 months ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory.☆61Updated 7 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 4 months ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- Offensive Research Guide to Help Defense Improve Detection☆29Updated last year
- Ransomware Simulator for testing Blue Team Detections☆34Updated 2 years ago
- A sample VHDX file with multiple verbose examples of forensic and anti-forensics artifacts. Meant to be basic and can be expanded upon. P…☆25Updated last year
- ☆22Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆86Updated last year
- ☆37Updated 2 years ago
- Scripts and tools accompanying HP Threat Research blog posts and reports.☆48Updated 5 months ago
- The Atomic Playbook contains TTPs from the MITRE ATT&CK framework mapped to the tests in the Atomic Red Team. It serves as a single resou…☆28Updated 8 months ago
- Automatic detection engineering technical state compliance☆49Updated 2 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆62Updated 2 years ago
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"☆50Updated 2 years ago
- ☆25Updated 3 years ago
- A MITRE ATT&CK Lookup Tool☆41Updated 4 months ago
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆22Updated 3 weeks ago
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Quick analysis focusing on most important of a Malware or a Threat☆39Updated last year
- ☆40Updated 5 months ago
- Scripts and lists to help generate YARA friendly string mutations☆19Updated last year
- A happy place for detection engineers, purple teamers and threat hunters focusing on macOS.☆20Updated 2 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆48Updated last year
- Bloodhound Portable for Windows☆51Updated last year
- ShellSweeping the evil.☆49Updated 3 months ago
- Reads and prints information from the website MalAPI.io☆19Updated 2 years ago