janstarke / ntdsextract2Links
This aims to be a collection of tools to forensically analyze Active Directory databases
☆25Updated 4 months ago
Alternatives and similar repositories for ntdsextract2
Users that are interested in ntdsextract2 are comparing it to the libraries listed below
Sorting:
- ☆160Updated 4 months ago
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆90Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆126Updated last year
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆96Updated 3 months ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Baseline a Windows System against LOLBAS☆68Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- a tiny program to consume from ETW providers for research☆52Updated 9 months ago
- create a "simulated internet" cyber range environment☆18Updated 4 months ago
- All kinds of tiny shells☆58Updated 2 years ago
- Living Off the Foreign Land setup scripts☆71Updated 7 months ago
- ☆24Updated 8 months ago
- DPAPILAB Next Gen, script collection☆91Updated 3 years ago
- ☆58Updated 2 years ago
- ☆85Updated 2 years ago
- ☆82Updated 11 months ago
- A small utility to translate NTDS.dit files to SQLite format.☆79Updated 2 years ago
- ☆69Updated 2 years ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated this week
- Python DPAPI NG Decryptor for non-Windows Platforms☆63Updated 10 months ago
- Simple PowerShell script to enable process scanning with Yara.☆96Updated 3 years ago
- Tool to extract powerful tokens from Office desktop apps memory☆71Updated last year
- DEFCON 31 slide deck and video link☆65Updated 4 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆43Updated 9 months ago
- ☆33Updated last year
- A prototype malware C2 channel using x509 certificates over mTLS☆152Updated last year
- ☆26Updated 2 years ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 10 months ago
- Browse Windows Prefetch versions: 17,23,26,30v1/2,31 & some of SuperFetch .7db/.db's☆62Updated 10 months ago