nccgroup / mimikatz-detector-busylight
USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is executed, a thread is spwaned by default that tries to locate one of the busylights that is supported. All HID devices are enumerated, if PID/VID is matching then packets are sent to flash the busylight in differen…
☆20Updated 2 years ago
Alternatives and similar repositories for mimikatz-detector-busylight:
Users that are interested in mimikatz-detector-busylight are comparing it to the libraries listed below
- Firebase Domain Front Code☆21Updated 3 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- WMI SA stuffs☆29Updated 2 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated last year
- Kibana app for RedELK☆16Updated last year
- ☆12Updated 2 years ago
- ☆13Updated 3 years ago
- Ansible role that Installs Mythic☆14Updated 7 months ago
- visually see issues with supported cipher suites☆15Updated 8 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 7 months ago
- Reproducible and extensible BloodHound playbooks☆42Updated 5 years ago
- ☆17Updated last year
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support☆22Updated 3 years ago
- ☆11Updated 4 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆13Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- Apply a filter to the events being reported by windows event logging☆15Updated 4 years ago
- Tool to download, install, and run macOS capable command & control servers (i.e., C2s with macOS payloads/clients) as docker containers f…☆18Updated 4 years ago
- Collection of generic YARA rules☆15Updated 8 months ago
- Execute embedded Mimikatz☆13Updated 3 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆20Updated 10 months ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely☆38Updated 5 years ago
- ☆12Updated 3 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated 10 months ago
- Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…☆13Updated 2 years ago
- Ansible role to deploy RedELK server☆18Updated last year
- Random scripts for azure stuff☆11Updated 2 years ago