Alternatives and similar repositories for windows-sandbox-to-elastic

Users that are interested in windows-sandbox-to-elastic are comparing it to the libraries listed below

• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆45Updated last year
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 11 months ago
• nccgroup / UninstalledAppCanary
  A Canary which fires when uninstalled
  ☆34Updated 4 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆30Updated 2 years ago
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆32Updated 5 years ago
• R-Secure / AMSI-Bypasses
  This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…
  ☆24Updated 3 years ago
• monoxgas / minibus
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆22Updated 2 years ago
• joeminicucci / RedIra
  A cloud automation system for Red Teams based on Terraform and Ansible
  ☆24Updated 4 years ago
• samisecure / LsassDumpReflectiveDll
  Dump Lsass Memory Using a Reflective Dll
  ☆14Updated 3 years ago
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆49Updated 3 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated last year
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆33Updated 2 years ago
• egypt / fake-webdav
  ☆11Updated 4 years ago
• whichbuffer / Antidebug
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆13Updated 2 years ago
• HackingThings / SuperSneakyExec
  Loading and executing shellcode in C# without PInvoke.
  ☆22Updated 3 years ago
• codewhitesec / apollon
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆22Updated last year
• therealunicornsecurity / tricard
  Tricard - Malware Sandbox Fingerprinting
  ☆20Updated last year
• Apr4h / GetInjectedThreads
  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
  ☆54Updated 4 years ago
• lapolis / palinka_c2
  Just another useless C2 occupying space in some HDD somewhere.
  ☆20Updated 2 years ago
• k3idii / CobaltStrike-Tools
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆30Updated 2 years ago
• codewhitesec / daphne
  Proof-of-Concept to evade auditd by tampering via ptrace
  ☆17Updated last year
• moohax / Deep-Drop
  Machine learning enabled dropper
  ☆27Updated 2 years ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆23Updated 3 years ago
• GhostManager / mythic_sync
  Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+
  ☆18Updated 5 months ago
• chvancooten / nimbuild
  A Docker container used to easily compile Nim binaries generated by my tools (NimPackt and NimPlant)
  ☆16Updated last year
• RiccardoAncarani / bloodhound-playbook
  Reproducible and extensible BloodHound playbooks
  ☆44Updated 5 years ago
• ZeroPointSecurity / Domain-Enumeration-Tool
  Perform Windows domain enumeration via LDAP
  ☆36Updated 3 years ago
• Syslifters / split-bloodhound
  ☆18Updated last year