nasbench / C2-Matrix-Indicators
This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
☆72Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for C2-Matrix-Indicators
- Simple PowerShell script to enable process scanning with Yara.☆90Updated 2 years ago
- ShellSweeping the evil.☆52Updated 5 months ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆57Updated 2 years ago
- ☆41Updated 7 months ago
- Bloodhound Portable for Windows☆51Updated last year
- ☆37Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆34Updated last year
- ☆25Updated 3 years ago
- Placeholder for my detection repo and misc detection engineering content☆43Updated last year
- Yara Rules for Modern Malware☆67Updated 8 months ago
- Baseline a Windows System against LOLBAS☆25Updated 6 months ago
- Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.☆76Updated 2 years ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆50Updated last year
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆56Updated last week
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆25Updated 2 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆65Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆49Updated 6 months ago
- Kerberoast Detection Script☆30Updated 3 weeks ago
- Automatic detection engineering technical state compliance☆51Updated 4 months ago
- Living off the False Positive!☆29Updated 3 months ago
- Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.☆52Updated 9 years ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆93Updated last year
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆34Updated last year
- Triaging Windows event logs based on SANS Poster☆37Updated last year
- Get intelligence info (tags, mitre techniques, yara and more) and find similar malware in a fast and easy way☆18Updated 2 years ago
- Default Detections for EDR☆94Updated 9 months ago
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- A home for detection content developed by the delivr.to team☆59Updated last week
- General Content☆20Updated 4 months ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆60Updated 7 months ago