nettitude / PoshC2_IOCsView external linksLinks
A list of IOCs applicable to PoshC2
☆24Aug 3, 2020Updated 5 years ago
Alternatives and similar repositories for PoshC2_IOCs
Users that are interested in PoshC2_IOCs are comparing it to the libraries listed below
Sorting:
- Writeups of CTF challenges I do☆13Sep 29, 2019Updated 6 years ago
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆70Jan 6, 2026Updated last month
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- Everything related to YARA☆16Sep 9, 2025Updated 5 months ago
- Azure function to insert MISP data in to Azure Sentinel☆34Oct 19, 2022Updated 3 years ago
- A tool to run and validate telemetry for Atomic Red Team tests☆15Mar 21, 2024Updated last year
- Parser for Windows Scheduled Task files.☆13Apr 26, 2023Updated 2 years ago
- Carve $MFT records from a chunk of data (for instance a memory dump)☆16Aug 21, 2016Updated 9 years ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- JSON API for ExploitDB Website☆17Jan 11, 2015Updated 11 years ago
- Anvil Secure's Burp extension for signing AWS requests with SigV4☆21Aug 20, 2025Updated 5 months ago
- Container for assorted volatility plugins.☆23Oct 22, 2013Updated 12 years ago
- Repository for all cbapi example scripts☆16Sep 18, 2018Updated 7 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 4 years ago
- Volatility plugins created by the author☆44Oct 2, 2015Updated 10 years ago
- Imphash-like calculation on Golang binaries☆49Jul 2, 2022Updated 3 years ago
- GenAI-STIX2.1-Generator is a tool that leverages Azure OpenAI capabilities to transform threat intelligence reports from unstructured web…☆23Mar 24, 2025Updated 10 months ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- 一个轻量级、多线程、支持管道的自动化互联网漏洞挖掘框架。☆21Oct 30, 2018Updated 7 years ago
- ☆23Dec 15, 2022Updated 3 years ago
- Quick ESXi Log Parser☆28Oct 20, 2025Updated 3 months ago
- ☆24Feb 18, 2025Updated 11 months ago
- Volatility Plugins☆22May 1, 2015Updated 10 years ago
- A collection of typical false positive indicators☆56Dec 5, 2020Updated 5 years ago
- ☆22Jul 7, 2023Updated 2 years ago
- Carbon Black Response IR tool☆55Dec 10, 2020Updated 5 years ago
- Random hunting ordiented yara rules☆98Mar 27, 2023Updated 2 years ago
- Yet Another Memory Analyzer for malware detection and Guarding Operations with YARA and SIGMA☆81Nov 19, 2025Updated 2 months ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 5 years ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆107Feb 12, 2023Updated 3 years ago
- ☆10Sep 11, 2021Updated 4 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆119Jan 22, 2026Updated 3 weeks ago
- The VT Augment widget is an official, compliant and recommended way of integrating VirusTotal data in third-party applications.☆38Jun 28, 2024Updated last year
- A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.☆30Apr 14, 2023Updated 2 years ago
- A highly available AWS deployment of the Threat Intelligence platform, OpenCTI using Terraform. Native AWS resources are used where feasi…☆38Apr 23, 2023Updated 2 years ago
- ☆10Apr 20, 2022Updated 3 years ago