Repository for LNK stuff
☆31 Aug 31, 2022 Updated 3 years ago
Alternatives and similar repositories for LNK
Users that are interested in LNK are comparing it to the libraries listed below
- Site for IWS book content ☆17 Oct 28, 2018 Updated 7 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP ☆37 Jul 27, 2021 Updated 4 years ago
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve. ☆20 Apr 11, 2014 Updated 11 years ago
- ☆24 Aug 30, 2019 Updated 6 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu… ☆25 Mar 26, 2020 Updated 5 years ago
- NTFS samples ☆27 Aug 1, 2020 Updated 5 years ago
- ☆23 Nov 13, 2021 Updated 4 years ago
- Walking the PEB in VBA ☆24 Apr 6, 2020 Updated 5 years ago
- Items related to the RedELK workshop given at security conferences ☆29 Sep 28, 2023 Updated 2 years ago
- An example of how a driver can register a handle creation callback. ☆16 Jun 12, 2023 Updated 2 years ago
- The method and files used to generate Sysmon event logs, push them to a remote Splunk, and ingest/normalize the data for analysis. ☆10 Sep 28, 2020 Updated 5 years ago
- Tool to decompress data from Windows 10 page files and memory dumps, that has been compressed by the Windows 10 memory manager. ☆51 Apr 9, 2019 Updated 6 years ago
- ☆11 Jun 9, 2020 Updated 5 years ago
- Demonstrate the behavior of the tunnel cache on Windows ☆11 Aug 13, 2019 Updated 6 years ago
- Windows registry samples ☆24 Nov 18, 2018 Updated 7 years ago
- Development guide for Volatility Plugins ☆22 Sep 6, 2017 Updated 8 years ago
- ☆13 Dec 27, 2014 Updated 11 years ago
- A script used to query the dehashed API and filter for more useful results ☆16 Jun 20, 2021 Updated 4 years ago
- This is the Git repository for the Modern Red Teaming workshop given at SINCON2024. ☆12 May 23, 2024 Updated last year
- ☆11 Mar 12, 2021 Updated 4 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support. ☆33 Oct 1, 2021 Updated 4 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log ☆31 Aug 6, 2022 Updated 3 years ago
- Retrieve host information from NTLM ☆32 Feb 4, 2021 Updated 5 years ago
- A Canary which fires when uninstalled ☆34 Mar 16, 2021 Updated 4 years ago
- Carve NTFS USN records from binary data ☆27 May 21, 2017 Updated 8 years ago
- Bro PCAP Processing and Tagging API ☆28 Nov 9, 2017 Updated 8 years ago
- C# code to run PIC using CreateThread ☆17 Apr 19, 2019 Updated 6 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆90 Dec 15, 2022 Updated 3 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups ☆60 Oct 28, 2022 Updated 3 years ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy … ☆24 Updated this week
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 Dec 28, 2021 Updated 4 years ago
- SysScout is a fully encapsulated script that quickly and easily pulls local machine information from Linux-Based systems. A simple, easy… ☆13 Oct 20, 2017 Updated 8 years ago
- ☆19 Mar 9, 2021 Updated 4 years ago
- Log converter from CS log to Ghostwriter CSV ☆31 Nov 23, 2020 Updated 5 years ago
- Parses the WMI object database....looking for persistence ☆34 Dec 12, 2019 Updated 6 years ago
- Ransoblin (Ransomware Bokoblin) ☆18 Oct 4, 2020 Updated 5 years ago
- LNK to JSON ☆14 Mar 7, 2019 Updated 6 years ago
- CDPO is a tool to validate, de-duplicate, combine, query, and encrypt track data recovered from a breach. ☆15 Jun 23, 2017 Updated 8 years ago
- ☆12 Jun 3, 2022 Updated 3 years ago