peasead / windows-sandbox-to-elasticLinks
Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
☆50Updated last year
Alternatives and similar repositories for windows-sandbox-to-elastic
Users that are interested in windows-sandbox-to-elastic are comparing it to the libraries listed below
Sorting:
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Continuous kerberoast monitor☆45Updated last year
- AMSI detection PoC☆32Updated 5 years ago
- Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...☆30Updated 2 years ago
- A collection of my presentation materials.☆17Updated last year
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Repository for LNK stuff☆30Updated 2 years ago
- A Canary which fires when uninstalled☆34Updated 4 years ago
- Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk☆45Updated 3 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Updated 4 years ago
- C# User Simulation☆32Updated 2 years ago
- Firebase Domain Front Code☆21Updated 4 years ago
- Python tool to find vulnerable AD object and generating csv report☆14Updated 3 years ago
- ☆13Updated last year
- Quickly search for references to a GUID in DLLs, EXEs, and drivers☆74Updated 3 years ago
- Random scripts for azure stuff☆11Updated 2 years ago
- Walking the PEB in VBA☆24Updated 5 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆49Updated 3 years ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆39Updated 3 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆21Updated 3 months ago
- Machine learning enabled dropper☆27Updated 2 years ago
- This repository contains several AMSI bypasses. These bypasses are based on some very nice research that has been put out by some awesome…☆24Updated 3 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 3 years ago
- Specialized tool to dump Position Independent Code.☆22Updated 5 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆22Updated 2 years ago
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆18Updated 4 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 4 years ago
- ☆33Updated 3 years ago
- NanoDumpInject from https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/ , minor edits with a few syscalls☆11Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 2 years ago