nccgroup / mimikatz-detector-busylightLinks
USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is executed, a thread is spwaned by default that tries to locate one of the busylights that is supported. All HID devices are enumerated, if PID/VID is matching then packets are sent to flash the busylight in differen…
☆20Updated 3 years ago
Alternatives and similar repositories for mimikatz-detector-busylight
Users that are interested in mimikatz-detector-busylight are comparing it to the libraries listed below
Sorting:
- The repository accompanying the Buer Emulation workshop☆24Updated 4 years ago
- Collection of generic YARA rules☆16Updated 3 weeks ago
- Continuous kerberoast monitor☆45Updated 2 years ago
- Firebase Domain Front Code☆21Updated 4 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆28Updated 2 years ago
- WMI SA stuffs☆30Updated 3 years ago
- Tools for offensive security of NetBackup infrastructures☆41Updated 2 years ago
- A Canary which fires when uninstalled☆34Updated 4 years ago
- ☆12Updated 4 years ago
- Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...☆30Updated 2 years ago
- Kibana app for RedELK☆17Updated 2 years ago
- A mini project to exfiltrate data via QR codes☆19Updated last month
- ☆14Updated 4 years ago
- Random scripts for azure stuff☆11Updated 2 years ago
- A fast wordlist to nthash converter☆21Updated 3 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated last year
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 3 years ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- A tool to sync mythic events with ghostwriter oplog.☆13Updated 9 months ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆22Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆39Updated 3 years ago
- A collection of my presentation materials.☆17Updated last year
- ☆18Updated last year
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated 2 years ago
- Registry hive parsing the async way☆21Updated 5 months ago
- Golang Shlyuz Implant Implementation☆13Updated 3 months ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Updated 4 years ago
- ☆22Updated 2 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 4 years ago