pan-unit42 / wireshark-tutorial-Emotet-traffic
This repository contains zip archives of pcaps for our Wireshark tutorial about examining Emotet infection traffic. The password for any of the zip files posted here is: infected
☆24Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for wireshark-tutorial-Emotet-traffic
- ☆25Updated 3 years ago
- My Malware Analysis Reports☆17Updated 2 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆46Updated 2 years ago
- Continuous kerberoast monitor☆43Updated last year
- Resource links (video, slides & code) for my conference talks | presentations | workshops☆11Updated last month
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆14Updated 4 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Updated 3 years ago
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆18Updated last year
- Triaging Windows event logs based on SANS Poster☆37Updated last year
- ☆27Updated 2 weeks ago
- This contains the contents needed to deploy a home lab in VirtualBox.☆17Updated 4 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆72Updated 2 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆34Updated 2 years ago
- ☆21Updated last year
- The repository accompanying the Buer Emulation workshop☆23Updated 3 years ago
- ☆34Updated last year
- A project created with an aim to emulate and test exfiltration of data over different network protocols.☆30Updated last year
- Links to malware-related YARA rules☆14Updated 2 years ago
- Simple Live Data Collection Tool☆21Updated 4 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- A script to assist in processing forensic RAM captures for malware triage☆27Updated 3 years ago
- Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.☆36Updated 4 years ago
- Any presentation we've given at FortyNorth Security☆33Updated 3 years ago
- Ransomware Simulator for testing Blue Team Detections☆35Updated 2 years ago
- Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.☆41Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Slides from my talk at the Adversary Village, Defcon 30☆29Updated last year
- ☆15Updated 2 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago