matthw / malware_analysis

Related projects: ⓘ

• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆31Updated 4 months ago
• ZeroPointSecurity / Domain-Enumeration-Tool
  Perform Windows domain enumeration via LDAP
  ☆36Updated 2 years ago
• sneakid / DC30-PhineasTalk
  Slides for the talk we presented as UniPi at DefCon's Red Team Village
  ☆23Updated 2 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆61Updated 2 years ago
• EspressoCake / MITRE_ATTACK_CLI
  CLI Search for Security Operators of MITRE ATT&CK URLs
  ☆16Updated last year
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆25Updated last week
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆50Updated 3 years ago
• OtterHacker / Cerbere
  ☆45Updated last year
• OtterHacker / LabS4U2Self
  ☆29Updated last year
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆49Updated last year
• hyd3sec / MultiThreaded_C2_With_Keylogger
  Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil
  ☆20Updated 2 years ago
• patrickhener / invictus
  OSED Practice binary
  ☆24Updated 9 months ago
• georgi-i / winevt_logs_analysis
  Searching .evtx logs for remote connections
  ☆23Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated 10 months ago
• johnjhacking / badgerDAPS
  Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…
  ☆36Updated 10 months ago
• felmoltor / goLAPS
  Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.
  ☆29Updated 3 months ago
• RiccardoAncarani / talks
  ☆41Updated 2 years ago
• MrAle98 / psinline
  in-process powershell runner for BRC4
  ☆35Updated 10 months ago
• NexusFuzzy / vidone
  ☆17Updated this week
• joeminicucci / RedIra
  A cloud automation system for Red Teams based on Terraform and Ansible
  ☆24Updated 3 years ago
• RedSiege / SharpCollectionTemplate
  ☆13Updated 11 months ago
• R-Secure / AMSI-Bypasses
  This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…
  ☆23Updated 2 years ago
• AonCyberLabs / DUALITY
  ☆14Updated 6 months ago
• decoder-it / Troopers24
  ☆42Updated 2 months ago
• crisprss / magicNetdefs
  Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…
  ☆49Updated 2 years ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆22Updated 2 years ago
• attl4s / freeMetsrvLoader
  freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
  ☆33Updated last year
• a7t0fwa7 / DllDragon
  A simple to use single-include Windows API resolver
  ☆17Updated 2 months ago
• redskal / SharpAzbelt
  .NET port of Leron Gray's azbelt tool.
  ☆26Updated 11 months ago
• Mr-Un1k0d3r / MsGraphFunzy
  Scripts to interact with Microsoft Graph APIs
  ☆29Updated 2 months ago