Alternatives and similar repositories for Misc-Research

Users that are interested in Misc-Research are comparing it to the libraries listed below

• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆80Updated 9 months ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆95Updated last year
• ajm4n / DLLHound
  Find potential DLL Sideloads on your windows computer
  ☆208Updated 5 months ago
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆176Updated 9 months ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆154Updated last year
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆114Updated 2 years ago
• LaresLLC / SlinkyCat
  Slinky Cat attempts to give users an easy-to-navigate menu offering predefined Active Directory Service Interfaces (ADSI) and .NET querie…
  ☆80Updated last year
• Mayyhem / Maestro
  Abusing Azure services over C2
  ☆340Updated 3 weeks ago
• jaredcatkinson / MalwareMorphology
  ☆81Updated 7 months ago
• CCob / Shwmae
  ☆151Updated 4 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆67Updated 2 years ago
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆201Updated last year
• LOLAD-Project / LOLAD-Project.github.io
  https://lolad-project.github.io/
  ☆77Updated 5 months ago
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆179Updated 2 months ago
• sensepost / mydumbedr
  ☆119Updated last year
• LuemmelSec / Custom-BloodHound-Queries
  ☆178Updated 6 months ago
• CCob / DRSAT
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆243Updated 5 months ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆82Updated last year
• synacktiv / ntdissector
  ☆144Updated this week
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• LOLESXi-Project / LOLESXi
  LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…
  ☆123Updated 4 months ago
• almandin / ntdsdotsqlite
  A small utility to translate NTDS.dit files to SQLite format.
  ☆76Updated last year
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆119Updated 3 years ago
• ACE-Responder / RogueSliver
  A suite of tools to disrupt campaigns using the Sliver C2 framework.
  ☆276Updated last year
• SafeBreach-Labs / DoubleDrive
  A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
  ☆124Updated last year
• N0vaSky / NovaEDR-deploy
  ☆73Updated last week
• LETHAL-FORENSICS / Collect-MemoryDump
  Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR
  ☆240Updated 2 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆92Updated last month
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆154Updated last year
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆139Updated 11 months ago