nccgroup / mimikatz-detector-busylight
USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is executed, a thread is spwaned by default that tries to locate one of the busylights that is supported. All HID devices are enumerated, if PID/VID is matching then packets are sent to flash the busylight in differen…
☆19Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for mimikatz-detector-busylight
- The repository accompanying the Buer Emulation workshop☆23Updated 3 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- Firebase Domain Front Code☆21Updated 3 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆13Updated 2 years ago
- Repository for LNK stuff☆27Updated 2 years ago
- ☆17Updated last year
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 4 months ago
- parsers to make life easier☆12Updated 4 years ago
- A PowerShell script to prevent Sysmon from writing its events☆14Updated 4 years ago
- A mini project to exfiltrate data via QR codes☆19Updated 7 months ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆22Updated 2 years ago
- Apply a filter to the events being reported by windows event logging☆15Updated 4 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- ☆13Updated 3 years ago
- A tool to sync mythic events with ghostwriter oplog.☆12Updated 3 years ago
- Collection of generic YARA rules☆14Updated 5 months ago
- My nim learning experiments☆11Updated 2 years ago
- Helpful operator notes and techniques in actionable form☆16Updated last year
- Scans through registry hives outputting entropy values for key/values, dumps binary contents to files...we are looking for those "fileles…☆11Updated 5 years ago
- ☆10Updated 4 years ago
- Execute embedded Mimikatz☆13Updated 2 years ago
- AMSI detection PoC☆30Updated 4 years ago
- pypykatz plugin for volatility3 framework☆31Updated 7 months ago
- Ansible role that Installs Mythic☆14Updated 4 months ago
- ☆12Updated 3 years ago
- Random scripts for azure stuff☆11Updated 2 years ago
- ☆12Updated 2 years ago