peasead / windows-sandbox-to-elastic

Related projects ⓘ

Alternatives and complementary repositories for windows-sandbox-to-elastic

• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆21Updated this week
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆23Updated 3 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆44Updated last year
• fashionproof / RunHijackHunter
  ☆15Updated 3 years ago
• samisecure / LsassDumpReflectiveDll
  Dump Lsass Memory Using a Reflective Dll
  ☆14Updated 2 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆37Updated last year
• WithSecureLabs / AMSIDetection
  AMSI detection PoC
  ☆30Updated 4 years ago
• 3xpl01tc0d3r / Building-ActiveDirectory-Lab
  Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.
  ☆36Updated 4 years ago
• rmdavy / AmsiPEBWalkVBA
  Walking the PEB in VBA
  ☆22Updated 4 years ago
• jfmaes / Parsers
  parsers to make life easier
  ☆12Updated 4 years ago
• PwnDexter / FindFrontableDomains
  Forked and updated with some additional features over the original
  ☆16Updated 3 years ago
• IceMoonHSV / Sim
  C# User Simulation
  ☆33Updated 2 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated last year
• StefanKelm / yara-rules
  Links to malware-related YARA rules
  ☆14Updated 2 years ago
• RiccardoAncarani / bloodhound-playbook
  Reproducible and extensible BloodHound playbooks
  ☆42Updated 4 years ago
• SIFalcon / Detection
  ☆21Updated last year
• SecurityJosh / MuteSysmon
  A PowerShell script to prevent Sysmon from writing its events
  ☆14Updated 4 years ago
• fatihsirin / Tweettioc-Splunk-App
  Tweettioc Splunk App
  ☆20Updated 4 years ago
• hausec / CobaltStrikeToGhostWriter
  Log converter from CS log to Ghostwriter CSV
  ☆29Updated 3 years ago
• joeminicucci / RedIra
  A cloud automation system for Red Teams based on Terraform and Ansible
  ☆24Updated 3 years ago
• NexusFuzzy / raccoon_config
  Scans a list of raccoon servers from Tria.ge and extracts the config
  ☆15Updated last year
• keydet89 / LNK
  Repository for LNK stuff
  ☆27Updated 2 years ago
• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• woanware / etw-event-dumper
  ☆31Updated 2 years ago
• skelsec / pypykatz-volatility3
  pypykatz plugin for volatility3 framework
  ☆31Updated 7 months ago
• whichbuffer / Antidebug
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆13Updated 2 years ago
• SneakyNachos / MalwareAnalysisTraining
  Work in Progress repo
  ☆14Updated 5 years ago
• k3idii / CobaltStrike-Tools
  Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...
  ☆27Updated last year
• WithSecureLabs / dotnet-gargoyle
  A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique
  ☆50Updated 5 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated last year