Baseline a Windows System against LOLBAS
☆72Feb 2, 2026Updated last month
Alternatives and similar repositories for LOLBASline
Users that are interested in LOLBASline are comparing it to the libraries listed below
Sorting:
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques☆96Dec 28, 2025Updated 2 months ago
- Security Content for the PEAK Threat Hunting Framework☆44Feb 15, 2024Updated 2 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆323Oct 12, 2025Updated 4 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 6 months ago
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD☆10Nov 7, 2023Updated 2 years ago
- On-Premises Open Cyber Threat Intelligence Platform☆11Oct 29, 2024Updated last year
- Detection rule validation☆40Oct 25, 2023Updated 2 years ago
- A simple tool designed to create Atomic Red Team tests with ease.☆49Mar 11, 2025Updated 11 months ago
- A Bloodhound alternative. BloodBash will ingest the same files bloodhound does but no server is required to use this tool. It's great for…☆175Mar 2, 2026Updated last week
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆277Dec 20, 2025Updated 2 months ago
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆167Oct 21, 2025Updated 4 months ago
- Windows Shell Link (LNK) Proof of Concept☆16Jul 19, 2025Updated 7 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- Web Crawler for Identifying Entry Points☆11Mar 26, 2024Updated last year
- ScriptSentry finds misconfigured and dangerous logon scripts.☆624Feb 16, 2026Updated 3 weeks ago
- Tool for obtaining information about PPL processes☆16Feb 12, 2024Updated 2 years ago
- Ultimate Applocker Hardening Configuration Script.☆35Jul 26, 2024Updated last year
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Aug 16, 2024Updated last year
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆303Updated this week
- ☆176Apr 9, 2025Updated 11 months ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 11 months ago
- A repository to store community malware research notes and findings.☆15Feb 13, 2026Updated 3 weeks ago
- PowerShell tool for auditing Microsoft Entra ID Conditional Access policies and MFA compliance☆31Aug 2, 2025Updated 7 months ago
- Python based GUI for browsing LDAP☆180Dec 7, 2025Updated 3 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows re…☆62Jul 29, 2025Updated 7 months ago
- SharpShareFinder is a minimalistic network share discovery POC designed to enumerate shares in Windows Active Directory networks leveragi…☆36Jul 10, 2024Updated last year
- bootloaders.io is a curated list of known malicious bootloaders for various operating systems. The project aims to assist security profes…☆71Aug 31, 2023Updated 2 years ago
- A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS☆148Dec 21, 2025Updated 2 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆83Apr 27, 2024Updated last year
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆134Nov 12, 2025Updated 3 months ago
- A repository to share publicly available Velociraptor detection content☆196Updated this week
- ☆61Jun 18, 2025Updated 8 months ago
- A Patchless AMSI Bypass Technique using VEH²☆30Jun 22, 2025Updated 8 months ago
- ☆14Jun 29, 2023Updated 2 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles☆18Mar 21, 2025Updated 11 months ago
- This is the repository for indicators of compromise (IOCs) and other data for threat intelligence articles posted on the Palo Alto Networ…☆115Nov 17, 2025Updated 3 months ago
- ☆17Jul 17, 2023Updated 2 years ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 7 months ago