nccgroup / mimikatz-detector-busylightLinks
USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is executed, a thread is spwaned by default that tries to locate one of the busylights that is supported. All HID devices are enumerated, if PID/VID is matching then packets are sent to flash the busylight in differen…
☆20Updated 2 years ago
Alternatives and similar repositories for mimikatz-detector-busylight
Users that are interested in mimikatz-detector-busylight are comparing it to the libraries listed below
Sorting:
- ☆12Updated 2 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- parsers to make life easier☆13Updated 4 years ago
- ☆11Updated 4 years ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆18Updated 3 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- ☆18Updated last year
- ☆12Updated 4 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- Serving files with conditions, serverside keying and more.☆18Updated 3 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- A tool to sync mythic events with ghostwriter oplog.☆13Updated 6 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 10 months ago
- ☆12Updated 3 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- Collection of generic YARA rules☆16Updated 11 months ago
- Kibana app for RedELK☆17Updated 2 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆20Updated 4 years ago
- reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support☆22Updated 3 years ago
- Repository for LNK stuff☆30Updated 2 years ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- Drakus allows you to monitor the artifacts and domains used in a Red Team exercise to see if they have been uploaded to certain online ma…☆13Updated 4 years ago
- Alpine hostapd-mana based RADIUS server☆10Updated last year
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated 2 years ago
- A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)☆16Updated last year
- Reproducible and extensible BloodHound playbooks☆43Updated 5 years ago
- ☆14Updated 3 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Updated 2 years ago
- Log converter from CS log to Ghostwriter CSV☆30Updated 4 years ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆21Updated last year