A canary designed to minimize the impact of certain ransomware actors
☆102 · Mar 3, 2021 · Updated 5 years ago
Alternatives and similar repositories for KilledProcessCanary
Users that are interested in KilledProcessCanary are comparing it to the libraries listed below
- Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms. ☆10 · Apr 3, 2022 · Updated 3 years ago
- Registry timestamp manipulation ☆17 · Feb 26, 2014 · Updated 12 years ago
- ☆101 · Oct 14, 2024 · Updated last year
- Repository for scripts and tips for "Yara Scan Service" ☆20 · Feb 19, 2023 · Updated 3 years ago
- Encode binary as English text over HTTP(s) ☆30 · Aug 25, 2023 · Updated 2 years ago
- Mimikatz built as a static library. ☆12 · Feb 9, 2022 · Updated 4 years ago
- A tool for the lazy OSINTer that focuses on discovery of subdomains related to a specific domain. The tool will run for free in Google Ap… ☆12 · Mar 4, 2021 · Updated 5 years ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 · Jan 31, 2024 · Updated 2 years ago
- ☆263 · Apr 10, 2023 · Updated 2 years ago
- Firebase Domain Front Code ☆21 · May 4, 2021 · Updated 4 years ago
- Slides from my AD Privesc talk at WAHCKon 2017 ☆16 · May 6, 2017 · Updated 8 years ago
- Splunk TA for alert action to TheHive-project ☆11 · May 13, 2020 · Updated 5 years ago
- My solutions for HackSys Extreme Vulnerable Driver ☆12 · Apr 22, 2018 · Updated 7 years ago
- Converts Sigma detection rules to a Splunk alert configuration. ☆12 · Jul 1, 2021 · Updated 4 years ago
- ☆19 · Jan 31, 2025 · Updated last year
- Windows 7/2008 R2 EoP ☆13 · Feb 12, 2021 · Updated 5 years ago
- API hashing written in C to load APIs indirectly using CRC32 hashing ☆15 · Jul 27, 2020 · Updated 5 years ago
- Easily scan with multiple yara rules from different sources. ☆14 · Mar 9, 2024 · Updated last year
- JXA script for Mythic that prints the TCC.db ☆15 · Apr 18, 2021 · Updated 4 years ago
- Microsoft Windows real-time file integrity monitoring and filtering using minifilter technology; this was my university final project ☆11 · Oct 17, 2014 · Updated 11 years ago
- Linux x86_64 Process Injection Utility ☆58 · Mar 9, 2021 · Updated 4 years ago
- ☆39 · Sep 26, 2022 · Updated 3 years ago
- A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records. ☆40 · Jan 7, 2023 · Updated 3 years ago
- YARI is an interactive debugger for YARA Language. ☆90 · Sep 10, 2025 · Updated 5 months ago
- Detect and respond to Cobalt Strike beacons using ETW. ☆516 · Jul 15, 2022 · Updated 3 years ago
- Swift code to run a dylib on disk ☆16 · May 9, 2022 · Updated 3 years ago
- Run Rubeus via Rundll32 ☆207 · Apr 25, 2020 · Updated 5 years ago
- Harvis is designed to automate your C2 Infrastructure. ☆106 · Jul 10, 2022 · Updated 3 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/ ☆31 · Feb 26, 2024 · Updated 2 years ago
- PAC HTTPS leak demo from DEF CON 24 'Toxic Proxies' talk ☆30 · Oct 4, 2016 · Updated 9 years ago
- ☆39 · Jul 29, 2021 · Updated 4 years ago
- Golang implementation of PyMISP-feedgenerator ☆18 · Jul 31, 2022 · Updated 3 years ago
- A scanner for taking basic fingerprints ☆50 · Oct 1, 2020 · Updated 5 years ago
- ☆825 · Jun 1, 2023 · Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls. ☆326 · Jan 31, 2023 · Updated 3 years ago
- Allow a Go process to dynamically load .NET assemblies ☆150 · Mar 28, 2020 · Updated 5 years ago
- LoadLibrary for offensive operations ☆33 · Dec 14, 2021 · Updated 4 years ago
- Active C&C Detector ☆156 · Oct 5, 2023 · Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting ☆23 · Dec 11, 2023 · Updated 2 years ago