All materials from our Black Hat 2018 "Subverting Sysmon" talk
☆135Aug 10, 2018Updated 7 years ago
Alternatives and similar repositories for BHUSA2018_Sysmon
Users that are interested in BHUSA2018_Sysmon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆54Aug 13, 2018Updated 7 years ago
- ☆349Mar 19, 2021Updated 5 years ago
- ☆229May 10, 2018Updated 7 years ago
- Sysmon Tools for PowerShell☆233Aug 17, 2018Updated 7 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Remote Recon and Collection☆460Nov 23, 2017Updated 8 years ago
- Proof of concept of VMSA-2017-0012☆41Jul 27, 2017Updated 8 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆265Nov 30, 2018Updated 7 years ago
- SharpCompile is an aggressor script for Cobalt Strike which allows you to compile and execute C# in realtime. This is a more slick approa…☆289Aug 7, 2020Updated 5 years ago
- Public documents related to my talk "Bypass Windows Exploit Guard ASR" at Offensive Con 2019.☆94Feb 24, 2019Updated 7 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider☆289Oct 31, 2018Updated 7 years ago
- Cobalt Strike log state tracking, parsing, and storage☆24Jul 18, 2019Updated 6 years ago
- BCD is a module to interact with boot configuration data (BCD) either locally or remotely using the ROOT/WMI:Bcd* WMI classes. The functi…☆64Aug 16, 2020Updated 5 years ago
- Confirms the capability of Hardware-Accelerated Virtualization Technology.☆10Feb 26, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Lateral Movement technique using DCOM and HTA☆235Oct 18, 2022Updated 3 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- BlackHat Europe 2017 Slides☆25Feb 15, 2018Updated 8 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.☆940Dec 12, 2023Updated 2 years ago
- .NET tool for enumeration processes and dumping memory.☆57Apr 4, 2019Updated 7 years ago
- A tool to run .Net DLLs from the command line☆105Oct 23, 2018Updated 7 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Dec 26, 2018Updated 7 years ago
- A PoC Java Stager which can download, compile, and execute a Java file in memory.☆108Aug 6, 2018Updated 7 years ago
- Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.☆141Mar 7, 2018Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Extract OLEv1 objects from RTF files by instrumenting Word☆50Nov 19, 2019Updated 6 years ago
- 🔵 Ethereum and BNB (BSC) Mev bot - Arbitrage☆362Mar 4, 2026Updated last month
- A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.☆42Nov 10, 2018Updated 7 years ago
- A PoC WMI backdoor presented at Black Hat 2015☆276Aug 10, 2015Updated 10 years ago
- crash poc & Leak info PoC☆17Mar 19, 2018Updated 8 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Kerberos accounts enumeration taking advantage of AS-REQ☆43Apr 25, 2018Updated 7 years ago
- PowerShell cmdlet to push PowerShell attack modules to a remote system via PSRemoting and if required enable WinRM remotely.☆28Sep 13, 2016Updated 9 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Reflective Polymorphism☆109Jun 29, 2018Updated 7 years ago
- All TMF files that I extracted from Microsoft PDBs.☆14Jun 29, 2019Updated 6 years ago
- Chakra vulnerability and exploit bypass all system mitigation☆82Jun 9, 2018Updated 7 years ago
- Enumerate all processes and get specified file's handle,then close it.☆12Jul 2, 2018Updated 7 years ago
- An Insider Threat Toolkit☆156Dec 17, 2018Updated 7 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆432Dec 22, 2023Updated 2 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,549Aug 2, 2019Updated 6 years ago