peasead / windows-sandbox-to-elastic
Rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sending data to Elastic Cloud.
☆48Updated last year
Alternatives and similar repositories for windows-sandbox-to-elastic:
Users that are interested in windows-sandbox-to-elastic are comparing it to the libraries listed below
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Continuous kerberoast monitor☆44Updated last year
- AMSI detection PoC☆31Updated 4 years ago
- Log converter from CS log to Ghostwriter CSV☆29Updated 4 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- ☆22Updated last year
- ☆33Updated 3 years ago
- Repository for LNK stuff☆29Updated 2 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 3 years ago
- ☆16Updated 3 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆34Updated 3 years ago
- Tricard - Malware Sandbox Fingerprinting☆20Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- ☆18Updated last year
- ☆12Updated 4 years ago
- Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …☆13Updated 2 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 3 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆16Updated 2 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 8 months ago
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆17Updated 3 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆20Updated last year
- Reproducible and extensible BloodHound playbooks☆42Updated 5 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆55Updated 2 years ago
- Modular malware analysis artifact collection and correlation framework☆53Updated 11 months ago
- Playing with PE's and Building Structures by Hand☆22Updated 2 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆17Updated last year
- reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support☆22Updated 3 years ago
- Slides for the talk we presented as UniPi at DefCon's Red Team Village☆23Updated 2 years ago