nccgroup / mimikatz-detector-busylight
USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is executed, a thread is spwaned by default that tries to locate one of the busylights that is supported. All HID devices are enumerated, if PID/VID is matching then packets are sent to flash the busylight in differen…
☆20Updated 2 years ago
Alternatives and similar repositories for mimikatz-detector-busylight:
Users that are interested in mimikatz-detector-busylight are comparing it to the libraries listed below
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- ☆11Updated 4 years ago
- ☆12Updated 2 years ago
- ☆12Updated 4 years ago
- Collection of generic YARA rules☆16Updated 10 months ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆27Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 9 months ago
- Kibana app for RedELK☆17Updated 2 years ago
- Firebase Domain Front Code☆21Updated 4 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- Serving files with conditions, serverside keying and more.☆18Updated 2 years ago
- ☆18Updated last year
- ☆14Updated 3 years ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆21Updated last year
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆16Updated last year
- Repository for LNK stuff☆30Updated 2 years ago
- visually see issues with supported cipher suites☆16Updated 10 months ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- A mini project to exfiltrate data via QR codes☆19Updated 2 weeks ago
- parsers to make life easier☆13Updated 4 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆20Updated last week
- AMSI detection PoC☆31Updated 5 years ago
- WMI SA stuffs☆29Updated 3 years ago
- ☆34Updated 2 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated last year
- ☆14Updated last year
- Golang Shlyuz Implant Implementation☆12Updated 2 years ago