Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
☆142Jun 1, 2023Updated 2 years ago
Alternatives and similar repositories for heyserial
Users that are interested in heyserial are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Feb 3, 2022Updated 4 years ago
- Python's handling of NaN is....interesting?broken?...this project illustrates the issue☆13Dec 28, 2021Updated 4 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Sep 14, 2021Updated 4 years ago
- ☆33Feb 26, 2022Updated 4 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Nim-based assembly packer and shellcode loader for opsec & profit☆489Feb 24, 2023Updated 3 years ago
- ☆39Jul 29, 2021Updated 4 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆133Jan 31, 2022Updated 4 years ago
- Threat Box Assessment Tool☆19Mar 5, 2026Updated last month
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆68Apr 12, 2022Updated 4 years ago
- A Visual Studio Code Extension agent for Mythic C2☆72Nov 5, 2024Updated last year
- 🐚ᴠʟᴀɴɢ ʀᴇᴠᴇʀsᴇ sʜᴇʟʟ🐚☆11Apr 28, 2022Updated 3 years ago
- A quick handy script to harvest credentials off of a user during a Red Team and get execution of a file from the user☆253Mar 7, 2022Updated 4 years ago
- Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information☆78Dec 7, 2025Updated 4 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- DInvisibleRegistry☆83Nov 20, 2020Updated 5 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 6 years ago
- Run Sigma detection rules on logs from the new MacOS EndpointSecurity Framework☆22Jan 22, 2021Updated 5 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- .NET implementation of Cobalt Strike's External C2 Spec☆88Nov 12, 2021Updated 4 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- ☆615Jun 1, 2023Updated 2 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆219Mar 5, 2020Updated 6 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Collection of tools that reflect the network dimension into Bloodhound's data☆446Oct 19, 2022Updated 3 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆234Jun 10, 2022Updated 3 years ago
- Code and yara rules to detect and analyze Cobalt Strike☆273May 5, 2021Updated 4 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆65Feb 8, 2022Updated 4 years ago
- Adaptive DLL hijacking / dynamic export forwarding☆812Jul 6, 2020Updated 5 years ago
- Harvis is designed to automate your C2 Infrastructure.☆107Jul 10, 2022Updated 3 years ago
- Automatically create YARA rules from malicious documents.☆211May 16, 2022Updated 3 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆59Nov 21, 2024Updated last year
- Aims to identify sleeping beacons☆664Jan 25, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆10Oct 25, 2020Updated 5 years ago
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,068Mar 20, 2026Updated 3 weeks ago
- CloudFlare Worker Shell☆14Aug 29, 2020Updated 5 years ago
- web application pentesting tools for docker☆17Aug 9, 2022Updated 3 years ago
- ☆13Dec 29, 2022Updated 3 years ago
- Default locations for files on various Linux distros.☆10May 12, 2021Updated 4 years ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk☆52Oct 6, 2020Updated 5 years ago