Ransomware simulation script written in PowerShell. Useful for testing your defenses and backups against real ransomware-like activity in a controlled setting.
☆239Oct 14, 2024Updated last year
Alternatives and similar repositories for RanSim
Users that are interested in RanSim are comparing it to the libraries listed below
Sorting:
- PowerShell Ransomware Simulator with C2 Server☆499Jan 2, 2026Updated last month
- Make an executable run with TrustedInstaller permissions under SYSTEM account.☆46Nov 16, 2020Updated 5 years ago
- A simple demonstration tool to simulate a ransomware attack☆41Jul 6, 2023Updated 2 years ago
- Pathbyter is a lightning fast proof-of-concept ransomware that uses RSA wrapped AES, multiprocessing, in memory key encryption, appends e…☆26Sep 25, 2023Updated 2 years ago
- Notes and IoCs of fresh malware☆62Jul 5, 2024Updated last year
- Repository and archive for Killing The Bear Gitbook☆83Aug 15, 2023Updated 2 years ago
- Cisco CallManager User Enumeration☆15Aug 16, 2022Updated 3 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,230Aug 18, 2023Updated 2 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Ransomware simulator written in Golang☆471Jun 30, 2022Updated 3 years ago
- Ransomware Simulator for Red/Blue teams to test their defences.☆19Apr 4, 2022Updated 3 years ago
- ☆14Mar 28, 2018Updated 7 years ago
- Helping to automate payload development, testing, Opsec checking, beacon tasking, and deployment for Cobalt Strike☆51Jun 18, 2022Updated 3 years ago
- Simple 5060 port exploit that calls to a receiver device with pre-setuped phrase☆34Jul 5, 2022Updated 3 years ago
- Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack☆180Jul 6, 2021Updated 4 years ago
- A PoC ransomware sample to test out your ransomware response strategy.☆212Feb 10, 2026Updated 2 weeks ago
- Finding all things on-prem Microsoft for password spraying and enumeration.☆257May 17, 2022Updated 3 years ago
- .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access☆159Nov 1, 2022Updated 3 years ago
- evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)☆1,498Dec 21, 2023Updated 2 years ago
- pyCobaltHound is an Aggressor script extension for Cobalt Strike which aims to provide a deep integration between Cobalt Strike and Blood…☆135May 25, 2023Updated 2 years ago
- A C2 post-exploitation framework☆482Jan 24, 2024Updated 2 years ago
- ☆243Nov 21, 2024Updated last year
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security resear…☆274Mar 1, 2021Updated 4 years ago
- A swiss army knife for pentesting networks☆25Sep 3, 2022Updated 3 years ago
- ☆53Apr 19, 2023Updated 2 years ago
- Volatility 3 plugins to extract a module as complete as possible☆12Jun 13, 2023Updated 2 years ago
- Roast in the Middle☆294Sep 19, 2025Updated 5 months ago
- Find Microsoft Exchange instance for a given domain and identify the exact version☆188Jan 30, 2023Updated 3 years ago
- A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.☆387Jan 20, 2026Updated last month
- retrieve information via O365 and AzureAD with a valid cred☆730Aug 14, 2022Updated 3 years ago
- Search datasets for Bitlocker recovery files and triage live systems for Bitlocker keys.☆51Jan 26, 2025Updated last year
- Another Windows Local Privilege Escalation from Service Account to System☆939Nov 12, 2022Updated 3 years ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Aug 11, 2023Updated 2 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆603Jul 22, 2022Updated 3 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows…☆2,055Dec 11, 2024Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆537May 9, 2025Updated 9 months ago
- Ransomware Simulator for testing Blue Team Detections☆37Jun 5, 2022Updated 3 years ago