Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine
☆541 · Dec 11, 2025 · Updated 3 months ago
Alternatives and similar repositories for elastic-container
Users that are interested in elastic-container are comparing it to the libraries listed below
- ForsHops ☆152 · Mar 25, 2025 · Updated 11 months ago
- a tool to help operate in EDRs' blind spots ☆769 · Dec 2, 2024 · Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆234 · Oct 18, 2022 · Updated 3 years ago
- ☆160 · Apr 17, 2024 · Updated last year
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel ☆390 · Feb 23, 2024 · Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations ☆162 · Mar 1, 2024 · Updated 2 years ago
- Remote operations commands implemented using Beacon Object Files ☆1,139 · Mar 5, 2026 · Updated 2 weeks ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection ☆324 · May 17, 2024 · Updated last year
- A Mythic Agent written in PIC C. ☆206 · Feb 4, 2025 · Updated last year
- Aims to identify sleeping beacons ☆663 · Jan 25, 2026 · Updated last month
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory ☆399 · Aug 15, 2025 · Updated 7 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the … ☆1,828 · Nov 3, 2024 · Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike ☆681 · Aug 15, 2025 · Updated 7 months ago
- Elastic Security detection content for Endpoint ☆1,389 · Updated this week
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts ☆1,373 · Mar 9, 2026 · Updated last week
- EDR Lab for Experimentation Purposes ☆1,422 · Mar 1, 2026 · Updated 3 weeks ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions ☆346 · Nov 19, 2024 · Updated last year
- A BOF that runs unmanaged PEs inline ☆685 · Oct 23, 2024 · Updated last year
- ☆124 · May 12, 2021 · Updated 4 years ago
- Cobalt Strike BOF for evasive .NET assembly execution ☆309 · Mar 31, 2025 · Updated 11 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus). ☆554 · Nov 23, 2025 · Updated 3 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.… ☆898 · Mar 11, 2026 · Updated last week
- ☆210 · Nov 28, 2023 · Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆617 · Jan 2, 2025 · Updated last year
- An offensive data enrichment pipeline ☆943 · Mar 10, 2026 · Updated last week
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird … ☆787 · Jan 26, 2026 · Updated last month
- SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion. ☆1,199 · Apr 16, 2025 · Updated 11 months ago
- Dumping DPAPI credz remotely ☆1,337 · Mar 24, 2025 · Updated 11 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆283 · Sep 18, 2024 · Updated last year
- ☆41 · Feb 20, 2025 · Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances. ☆271 · Sep 14, 2023 · Updated 2 years ago
- Spartacus DLL/COM Hijacking Toolkit ☆1,083 · Feb 1, 2024 · Updated 2 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht… ☆675 · Dec 23, 2022 · Updated 3 years ago
- ☆319 · Jun 28, 2023 · Updated 2 years ago
- Mythic C2 Agent written in x64 PIC C ☆84 · Jan 29, 2025 · Updated last year
- Cobalt Strike UDRL for memory scanner evasion. ☆1,008 · Jun 4, 2024 · Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,374 · Oct 27, 2023 · Updated 2 years ago
- ☆2,173 · Feb 21, 2023 · Updated 3 years ago
- Powerview on steroids ☆903 · Mar 10, 2026 · Updated last week