optiv / Yara-Rules

Related projects ⓘ

Alternatives and complementary repositories for Yara-Rules

• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• 3xpl01tc0d3r / Building-ActiveDirectory-Lab
  Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.
  ☆36Updated 4 years ago
• cedowens / Mod_Rewrite_Automation
  Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
  ☆46Updated 3 years ago
• LuemmelSec / SAML2Spray
  Python Script for SAML2 Authentication Passwordspray
  ☆37Updated last year
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆37Updated last year
• georgi-i / winevt_logs_analysis
  Searching .evtx logs for remote connections
  ☆23Updated last year
• xenoscr / SessionHound
  A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…
  ☆19Updated 2 years ago
• sourcefrenchy / goqrexfil
  A mini project to exfiltrate data via QR codes
  ☆19Updated 6 months ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆43Updated 4 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆27Updated 2 years ago
• RiccardoAncarani / bloodhound-playbook
  Reproducible and extensible BloodHound playbooks
  ☆42Updated 4 years ago
• blackarrowsec / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆17Updated 3 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• PwnDexter / Rubeus-to-Hashcat
  Converts / formats Rubeus kerberoasting output into Hashcat usable format
  ☆12Updated 4 years ago
• Mr-B0b / BloodCheck
  BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.
  ☆17Updated 3 years ago
• OTRF / bloodhound-notebook
  BloodHound Cypher Queries Ported to a Jupyter Notebook
  ☆53Updated 4 years ago
• Coalfire-Research / autorelayx
  Automatically perform advanced NTLM hash relay attacks
  ☆14Updated 2 years ago
• binaryAccess / highway_to_hell
  Pwnage
  ☆15Updated 2 years ago
• AlrikRr / ActiveDirectory_Lab
  Active DIrectory Lab for Pentesting Practice
  ☆24Updated 2 years ago
• sdcampbell / Nessusploitable
  Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv
  ☆38Updated last year
• mitchmoser / AtYourService
  Service Enumeration C# .NET Assembly
  ☆59Updated 3 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆43Updated last year
• MichaelKoczwara / CobaltStrike-C2-Servers
  Cobalt Strike/C2 Servers
  ☆13Updated 3 years ago
• paragonsec / HiveNightmare-Checker
  A PowerShell script that checks for dangerous ACLs on system hives and shadows
  ☆28Updated 3 years ago
• morRubin / AzureADJoinedMachinePTC
  Tool to perform lateral movement between AAD joined devices
  ☆52Updated 2 years ago
• chryzsh / ansible-role-cobalt-strike
  Ansible role to install Cobalt Strike and optionally configure as Teamserver
  ☆31Updated 3 years ago
• CompassSecurity / PowerLsassSilentProcessExit
  ☆24Updated 3 years ago
• warhorse / ansible-role-cobaltstrike-docker
  Ansible Cobalt Strike (Docker)
  ☆14Updated 2 years ago