intelliroot-tech / ProcessHuntingToolkit

Related projects: ⓘ

• outflanknl / Training-MSOfficeOffensiveTradecraft
  Info related to the Outflank training: Microsoft Office Offensive Tradecraft
  ☆50Updated 4 months ago
• LOLDrivers-Project / LOLDrivers
  ☆35Updated this week
• ACE-Responder / ace-proctree
  Create a cool process tree like https://twitter.com/ACEResponder.
  ☆34Updated last year
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆68Updated 6 months ago
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆64Updated 3 weeks ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆29Updated last year
• deletehead / ReleaseTheHounds
  ☆45Updated this week
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆53Updated last year
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆61Updated 2 years ago
• 0xHossam / WERPersistence
  ☆18Updated this week
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 2 months ago
• XForceIR / SideLoadHunter
  ☆20Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆68Updated last year
• MitchHS / SharpETW-Patch
  ☆22Updated 9 months ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated 11 months ago
• dsnezhkov / shutter
  ☆105Updated 3 years ago
• RedSiege / Chromatophore
  Utilities for obfuscating shellcode
  ☆38Updated 2 months ago
• joe-desimone / rep-research
  ☆62Updated last month
• secureworks / BAADTokenBroker
  ☆45Updated 5 months ago
• yoda66 / MalwareDevTalk
  ☆47Updated 4 years ago
• rotarydrone / GlobalUnProtect
  Decrypt GlobalProtect configuration and cookie files.
  ☆74Updated last week
• mgeeky / msi-shenanigans
  Proof of Concept code and samples presenting emerging threat of MSI installer files.
  ☆77Updated last year
• morRubin / NegoExRelay
  ☆83Updated 2 years ago
• 0xe7 / WonkaVision
  ☆79Updated last year
• QueenSquishy / plague
  Default Detections for EDR
  ☆94Updated 7 months ago
• Octoberfest7 / Presentations
  Slide decks and/or materials from conference presentations
  ☆55Updated last year
• magichk / magicbloodhound
  ☆21Updated this week
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆86Updated last year
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆90Updated 2 months ago
• jfmaes / CSharpReflectionWorkshop
  The repository that complements the From zero to hero: creating a reflective loader in C# workshop
  ☆37Updated 2 years ago