lkarlslund / nifo

Related projects ⓘ

Alternatives and complementary repositories for nifo

• MaLDAPtive / Invoke-Maldaptive
  MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
  ☆218Updated 3 months ago
• floesen / EventLogCrasher
  ☆181Updated 9 months ago
• trustedsec / specula
  ☆180Updated last month
• outflanknl / edr-internals
  Tools for analyzing EDR agents
  ☆208Updated 5 months ago
• CCob / Shwmae
  ☆130Updated last month
• hackerhouse-opensource / WMIProcessWatcher
  A CIA tradecraft technique to asynchronously detect when a process is created using WMI.
  ☆131Updated 10 months ago
• srlabs / Certiception
  An ADCS honeypot to catch attackers in your internal network.
  ☆222Updated 4 months ago
• deepinstinct / NoFilter
  ☆293Updated 2 weeks ago
• Mayyhem / Maestro
  Abusing Intune for Lateral Movement over C2
  ☆269Updated last week
• EvanMcBroom / lsa-whisperer
  Tools for interacting with authentication packages using their individual message protocols
  ☆296Updated last week
• RedSiege / Jigsaw
  Hide shellcode by shuffling bytes into a random array and reconstruct at runtime
  ☆178Updated 4 months ago
• trustedsec / The_Shelf
  Retired TrustedSec Capabilities
  ☆225Updated last month
• dazzyddos / HSC24RedTeamInfra
  Slides and Codes used for the workshop Red Team Infrastructure Automation
  ☆174Updated 6 months ago
• nasbench / Misc-Research
  A collection of tools, scripts and personal research
  ☆111Updated 4 months ago
• hackerhouse-opensource / Artillery
  CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…
  ☆174Updated 10 months ago
• CCob / DGPOEdit
  Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines
  ☆144Updated 2 months ago
• deepinstinct / ContainYourself
  A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.
  ☆300Updated last year
• techBrandon / DC32-GOAD
  ☆49Updated 3 months ago
• rtecCyberSec / Packer_Development
  Slides & Code snippets for a workshop held @ x33fcon 2024
  ☆236Updated 4 months ago
• SafeBreach-Labs / DoubleDrive
  A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
  ☆123Updated 5 months ago
• amjcyber / pwnlook
  An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…
  ☆123Updated last month
• Flangvik / QRucible
  Python utility that generates "imageless" QR codes in various formats
  ☆99Updated 3 months ago
• Wh04m1001 / GamingServiceEoP
  ☆148Updated 7 months ago
• jsecurity101 / ETWInspector
  ☆153Updated 5 months ago
• hackerhouse-opensource / SignToolEx
  Patching "signtool.exe" to accept expired certificates for code-signing.
  ☆268Updated 3 months ago
• badsectorlabs / sccm-http-looter
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
  ☆162Updated last month
• gatariee / gocheck
  Because AV evasion should be easy.
  ☆306Updated 3 months ago
• mandiant / msi-search
  ☆265Updated last year
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆190Updated 5 months ago
• hackerhouse-opensource / Marble
  The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools.
  ☆289Updated 10 months ago