nccgroup / UninstalledAppCanary

Related projects ⓘ

Alternatives and complementary repositories for UninstalledAppCanary

• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆14Updated 4 years ago
• 001SPARTaN / SaltedCaramel
  Apfell implant written in C#.
  ☆8Updated 3 years ago
• jfmaes / Parsers
  parsers to make life easier
  ☆12Updated 4 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• rvrsh3ll / SharpSSDP
  SSDP Service Discovery
  ☆16Updated 5 years ago
• skelsec / pypykatz-volatility3
  pypykatz plugin for volatility3 framework
  ☆31Updated 7 months ago
• ahhh / GoRedShell
  A cross platform tool for verifying credentials and executing single commands
  ☆32Updated 5 years ago
• NVISOsecurity / cobalt-strike-notifier
  ☆13Updated 3 years ago
• hausec / CobaltStrikeToGhostWriter
  Log converter from CS log to Ghostwriter CSV
  ☆29Updated 4 years ago
• rmdavy / AmsiPEBWalkVBAx64
  ☆14Updated 4 years ago
• py7hagoras / OfficeMacro64
  This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.f…
  ☆19Updated 4 years ago
• rvrsh3ll / FlaskRedirectorProtector
  Protect your servers with a secret header
  ☆28Updated 4 years ago
• PwnDexter / FindFrontableDomains
  Forked and updated with some additional features over the original
  ☆16Updated 3 years ago
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆21Updated 3 years ago
• two06 / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆15Updated 4 years ago
• inzlain / sameuser
  Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual
  ☆13Updated 2 years ago
• rmdavy / AmsiPEBWalkVBA
  Walking the PEB in VBA
  ☆22Updated 4 years ago
• matterpreter / getDA.sh
  Identify common attack paths to get Domain Administrator
  ☆22Updated 5 years ago
• Stealthbits / RIDHijackingProofofConceptKJ
  RID Hijacking Proof of Concept script by Kevin Joyce
  ☆15Updated 6 years ago
• SneakyNachos / MalwareAnalysisTraining
  Work in Progress repo
  ☆14Updated 5 years ago
• hotnops / mythic-sync
  A tool to sync mythic events with ghostwriter oplog.
  ☆12Updated this week
• G0ldenGunSec / wmiServSessEnum
  .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems
  ☆32Updated 4 years ago
• mubix / lmo
  LetMeOutOfYour.net Resources
  ☆20Updated 4 years ago
• RiccardoAncarani / bloodhound-playbook
  Reproducible and extensible BloodHound playbooks
  ☆42Updated 4 years ago
• awgh / nfp
  Network Finger Printer
  ☆16Updated 7 years ago
• knavesec / EyeWitnessTheFitness
  Exactly what it sounds like, which is something rad
  ☆20Updated 2 years ago
• attactics / cslogwatch
  Cobalt Strike log state tracking, parsing, and storage
  ☆22Updated 5 years ago