A list of IOCs applicable to PoshC2
☆24Aug 3, 2020Updated 5 years ago
Alternatives and similar repositories for PoshC2_IOCs
Users that are interested in PoshC2_IOCs are comparing it to the libraries listed below
Sorting:
- FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.☆73Jan 6, 2026Updated 2 months ago
- Everything related to YARA☆16Feb 19, 2026Updated 2 weeks ago
- Azure function to insert MISP data in to Azure Sentinel☆34Oct 19, 2022Updated 3 years ago
- Indicators of Normality☆11Jul 22, 2022Updated 3 years ago
- Modules created by Nettitude for Metasploit☆12Jun 20, 2018Updated 7 years ago
- A tool to run and validate telemetry for Atomic Red Team tests☆16Mar 21, 2024Updated last year
- Encode binary as English text over HTTP(s)☆30Aug 25, 2023Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆24Dec 5, 2025Updated 3 months ago
- JSON API for ExploitDB Website☆17Jan 11, 2015Updated 11 years ago
- VTC - Velociraptor Timeline Creator☆19May 15, 2024Updated last year
- Container for assorted volatility plugins.☆23Oct 22, 2013Updated 12 years ago
- Repository for all cbapi example scripts☆16Sep 18, 2018Updated 7 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 4 years ago
- Volatility plugins created by the author☆44Oct 2, 2015Updated 10 years ago
- Anvil Secure's Burp extension for signing AWS requests with SigV4☆21Aug 20, 2025Updated 6 months ago
- GenAI-STIX2.1-Generator is a tool that leverages Azure OpenAI capabilities to transform threat intelligence reports from unstructured web…☆24Mar 24, 2025Updated 11 months ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- ☆23Dec 15, 2022Updated 3 years ago
- ☆24Feb 18, 2025Updated last year
- Quick ESXi Log Parser☆29Oct 20, 2025Updated 4 months ago
- Volatility Plugins☆22May 1, 2015Updated 10 years ago
- A collection of typical false positive indicators☆56Dec 5, 2020Updated 5 years ago
- ☆23Jul 7, 2023Updated 2 years ago
- This script validates the most common Conditional Access policies in Microsoft 365.☆10May 27, 2024Updated last year
- Carbon Black Response IR tool☆55Dec 10, 2020Updated 5 years ago
- Random hunting ordiented yara rules☆96Mar 27, 2023Updated 2 years ago
- Zeek package to generate a SMB client fingerprint☆27May 5, 2020Updated 5 years ago
- Yet Another Memory Analyzer for malware detection and Guarding Operations with YARA and SIGMA☆81Nov 19, 2025Updated 3 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…☆154Apr 25, 2022Updated 3 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Jul 7, 2022Updated 3 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- ☆10Sep 11, 2021Updated 4 years ago
- Publicly shareable windows event log message data☆28Nov 29, 2019Updated 6 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆118Jan 22, 2026Updated last month
- ☆10Apr 20, 2022Updated 3 years ago
- A multi-threaded malware sample downloader based upon given MD-5/SHA-1/SHA-256 hashes, using multiple malware databases.☆30Apr 14, 2023Updated 2 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆37Nov 9, 2022Updated 3 years ago
- A highly available AWS deployment of the Threat Intelligence platform, OpenCTI using Terraform. Native AWS resources are used where feasi…☆39Apr 23, 2023Updated 2 years ago