intelliroot-tech / ProcessHuntingToolkit

Related projects ⓘ

Alternatives and complementary repositories for ProcessHuntingToolkit

• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆72Updated 2 months ago
• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆51Updated 6 months ago
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆53Updated 2 years ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 4 months ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆35Updated 3 years ago
• jsecurity101 / LDAPMon
  ☆44Updated last year
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆67Updated 8 months ago
• QueenSquishy / plague
  Default Detections for EDR
  ☆94Updated 9 months ago
• ACE-Responder / ace-proctree
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆34Updated last year
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• ACE-Responder / rpcfirewall-extended-telemetry
  ☆13Updated 6 months ago
• joe-desimone / rep-research
  ☆67Updated 3 months ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• S3N4T0R-0X0 / APT28-Adversary-Simulation
  This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europe
  ☆30Updated 5 months ago
• codewhitesec / SysmonEnte
  ☆68Updated 2 years ago
• jaredcatkinson / MalwareMorphology
  ☆76Updated 6 months ago
• AssuranceMaladieSec / FoxTerrier
  Python tool to find vulnerable AD object and generating csv report
  ☆26Updated 2 years ago
• RedSiege / Chromatophore
  Utilities for obfuscating shellcode
  ☆45Updated 4 months ago
• decoder-it / Troopers24
  ☆43Updated 4 months ago
• OtterHacker / ShareFouine
  ☆44Updated 3 weeks ago
• naksyn / talks
  Repo containing my public talks
  ☆22Updated last year
• myexploit / living_off_the_land
  ☆43Updated 4 months ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆54Updated 2 years ago
• rkbennett / pybof
  Python module for running BOFs
  ☆64Updated last year
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆30Updated 2 years ago
• 0xe7 / WonkaVision
  ☆80Updated 2 years ago