Alternatives and similar repositories for Misc-Research:

Users that are interested in Misc-Research are comparing it to the libraries listed below

• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆78Updated 7 months ago
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆163Updated 4 months ago
• sensepost / mydumbedr
  ☆116Updated last year
• ajm4n / DLLHound
  Find potential DLL Sideloads on your windows computer
  ☆200Updated 3 months ago
• Mayyhem / Maestro
  Abusing Intune for Lateral Movement over C2
  ☆332Updated 2 months ago
• CCob / Shwmae
  ☆147Updated 2 months ago
• jaredcatkinson / MalwareMorphology
  ☆80Updated 5 months ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• floesen / EventLogCrasher
  ☆186Updated last year
• QueenSquishy / plague
  Default Detections for EDR
  ☆96Updated last year
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆172Updated 7 months ago
• wietze / Invoke-ArgFuscator
  Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…
  ☆161Updated last week
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆198Updated 10 months ago
• knight0x07 / OneNoteAnalyzer
  A C# based tool for analysing malicious OneNote documents
  ☆113Updated 2 years ago
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆111Updated 2 years ago
• jsecurity101 / JonMon
  ☆217Updated 2 months ago
• CCob / DRSAT
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆231Updated 3 months ago
• Tanguy-Boisset / bloodhound-automation
  Automatically run and populate a new instance of BH CE
  ☆72Updated 3 weeks ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆66Updated 2 years ago
• itaymigdal / LOLSpoof
  An interactive shell to spoof some LOLBins command line
  ☆184Updated last year
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆86Updated last year
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆101Updated 7 months ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆153Updated last year
• gtworek / VolatileDataCollector
  ☆201Updated 5 months ago
• synacktiv / ntdissector
  ☆139Updated 8 months ago
• dr4k0nia / tooling-playground
  A collection of small scripts and tools for deobfuscation and malware analysis.
  ☆66Updated 2 years ago
• Qazeer / InfoSec-Notes
  InfoSec Notes
  ☆56Updated last year
• RedSiege / jargon
  ☆142Updated 3 weeks ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆76Updated last year
• ACE-Responder / RogueSliver
  A suite of tools to disrupt campaigns using the Sliver C2 framework.
  ☆271Updated last year