peasead / windows-sandbox-to-elasticLinks
Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
☆50Updated last year
Alternatives and similar repositories for windows-sandbox-to-elastic
Users that are interested in windows-sandbox-to-elastic are comparing it to the libraries listed below
Sorting:
- The repository accompanying the Buer Emulation workshop☆24Updated 4 years ago
- Continuous kerberoast monitor☆45Updated 2 years ago
- Collection of generic YARA rules☆16Updated last week
- Repository for LNK stuff☆31Updated 2 years ago
- AMSI detection PoC☆32Updated 5 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆50Updated 3 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated last year
- Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...☆30Updated 2 years ago
- A collection of my presentation materials.☆17Updated last year
- Specialized tool to dump Position Independent Code.☆22Updated 5 years ago
- MITRE TTPs derived from Conti's leaked playbooks from XSS.IS☆39Updated 3 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- ☆12Updated 3 years ago
- Code for profiling sandboxes - Initially an idea to profile sandboxes, the code is written to take enviromental variables and send them b…☆21Updated 3 months ago
- Remote code execution in Power Platform connectors via JSON deserialization☆22Updated 2 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Updated 4 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆18Updated 4 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆33Updated 2 years ago
- My Malware Analysis Reports☆22Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆13Updated 2 years ago
- A Canary which fires when uninstalled☆34Updated 4 years ago
- ☆18Updated last year
- Golang bindings for PE-sieve☆42Updated last year
- ☆18Updated last year
- Mythic Developer Series: Workshop Golang Agent☆25Updated 2 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 3 years ago
- Random scripts for azure stuff☆11Updated 2 years ago