mattifestation / BHUSA2018_Sysmon
All materials from our Black Hat 2018 "Subverting Sysmon" talk
☆136Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for BHUSA2018_Sysmon
- ☆108Updated 7 years ago
- IR-Tools - PowerShell tools for IR☆128Updated 7 years ago
- ☆59Updated 5 years ago
- ☆97Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆85Updated 7 years ago
- The Outlook HTML Leak Test Project☆132Updated 6 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆103Updated 7 years ago
- PowerShell No Agent Hunting☆108Updated 6 years ago
- Sandbox feature upgrade with the help of wrapped samples☆75Updated 6 years ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆54Updated 4 months ago
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/☆69Updated 6 years ago
- Repository for my ATT&CK analysis research.☆68Updated 5 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆106Updated 7 years ago
- Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard☆104Updated 5 years ago
- A collection of scripts to initialize a windows VM to run all the malwares!☆105Updated 4 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆49Updated 6 years ago
- Slides and reference material from Evading Autoruns presentation at DerbyCon 7 (September 2017)☆102Updated 3 years ago
- Simple DDE object detector☆55Updated 7 years ago
- ☆51Updated 6 years ago
- Useful Threat Hunting Stuff☆31Updated 4 years ago
- ☆112Updated 7 years ago
- ☆229Updated 6 years ago
- ☆57Updated 3 years ago