limbenjamin / TCPHound
Win32 utility for auditing TCP connections
☆56Updated 4 years ago
Alternatives and similar repositories for TCPHound:
Users that are interested in TCPHound are comparing it to the libraries listed below
- LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network☆73Updated 5 years ago
- Repository for my ATT&CK analysis research.☆69Updated 5 years ago
- ☆57Updated 4 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- OSSEM Modular☆27Updated 4 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 7 years ago
- Shows command lines used by latest instances analyzed on Hybrid-Analysis☆43Updated 6 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆55Updated 8 months ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆45Updated 7 years ago
- Theat hunting notes in flat file format and mapped to MITRE's ATT&CK IDs☆42Updated 6 years ago
- Code and Slides of my BSides London 2019 presentation about Attacker Emulation using CALDERA☆22Updated 5 years ago
- gpocheck☆30Updated 7 months ago
- Presentation materials for talks I've given.☆20Updated 5 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆108Updated 6 years ago
- Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.☆64Updated 5 years ago
- Pypykatz agent implemented in .NET☆86Updated 6 years ago
- ☆55Updated 4 years ago
- Ps1jacker is a tool for generating COM Hijacking payload.☆61Updated last month
- Test if an antivirus is installed via the resolution of the service virtual SID☆55Updated 5 years ago
- SilkETW & SilkService☆40Updated 5 years ago
- A powershell script that prints a lot of IP and connection info to the screen☆31Updated 8 years ago
- Comprehensive Pivoting Framework☆20Updated 8 years ago
- ☆59Updated 5 years ago
- ☆51Updated 6 years ago
- Conveigh is a Windows PowerShell LLMNR/NBNS spoofer detection tool☆97Updated 8 years ago
- Loads the AutoIt DLL and PowerShell assemblies into memory and executes the specified keystrokes☆61Updated 7 years ago
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/☆69Updated 6 years ago
- Generate a Yara rule to find base64-encoded files containg a specific keyword☆40Updated 6 years ago
- Binary commandline executable to parse ETL files☆67Updated 6 years ago
- Scan web server for known webshell names and responses☆50Updated 8 years ago