janstarke / ntdsextract2Links
This aims to be a collection of tools to forensically analyze Active Directory databases
☆25Updated 3 months ago
Alternatives and similar repositories for ntdsextract2
Users that are interested in ntdsextract2 are comparing it to the libraries listed below
Sorting:
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆96Updated 2 months ago
- ☆160Updated 3 months ago
- Tool to extract powerful tokens from Office desktop apps memory☆71Updated last year
- a tiny program to consume from ETW providers for research☆52Updated 8 months ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Python DPAPI NG Decryptor for non-Windows Platforms☆63Updated 9 months ago
- Baseline a Windows System against LOLBAS☆68Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- A small utility to translate NTDS.dit files to SQLite format.☆78Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 3 years ago
- ☆33Updated last year
- create a "simulated internet" cyber range environment☆18Updated 4 months ago
- ☆85Updated 2 years ago
- All kinds of tiny shells☆58Updated 2 years ago
- Living Off the Foreign Land setup scripts☆70Updated 7 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆95Updated 2 years ago
- ☆26Updated 3 years ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 8 months ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 9 months ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆128Updated last year
- DEFCON 31 slide deck and video link☆64Updated 4 months ago
- Linux #rootkit and #malware revealer☆27Updated last year
- A collection of tools, scripts and personal research☆146Updated last month
- ☆26Updated 2 years ago
- ☆82Updated 10 months ago
- The home of the SDDLMaker☆24Updated 8 months ago
- A prototype malware C2 channel using x509 certificates over mTLS☆152Updated last year
- ☆24Updated 7 months ago