nasbench / Misc-Research
A collection of tools, scripts and personal research
☆127Updated 8 months ago
Alternatives and similar repositories for Misc-Research:
Users that are interested in Misc-Research are comparing it to the libraries listed below
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆76Updated 6 months ago
- Find potential DLL Sideloads on your windows computer☆176Updated 2 months ago
- Abusing Intune for Lateral Movement over C2☆327Updated last month
- ☆114Updated last year
- ☆80Updated 4 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆123Updated 9 months ago
- ☆216Updated last month
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆93Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆159Updated 3 months ago
- ☆146Updated last month
- ☆139Updated 7 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆121Updated last month
- ☆297Updated 4 months ago
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- Active C&C Detector☆152Updated last year
- Azure AD cheatsheet for the CARTP course☆108Updated 2 years ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆168Updated 6 months ago
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.☆100Updated 6 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 10 months ago
- Detect WFP filters blocking EDR communications☆85Updated last year
- A collection of small scripts and tools for deobfuscation and malware analysis.☆66Updated last year
- https://lolad-project.github.io/☆72Updated 2 months ago
- ☆25Updated 2 years ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆229Updated 2 months ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆144Updated 10 months ago
- Automatically run and populate a new instance of BH CE☆69Updated last week
- Default Detections for EDR☆96Updated last year
- Yara Rules for Modern Malware☆73Updated last year