s0lari / Hornets-NestView external linksLinks
Purple Team Security
☆76Mar 24, 2022Updated 3 years ago
Alternatives and similar repositories for Hornets-Nest
Users that are interested in Hornets-Nest are comparing it to the libraries listed below
Sorting:
- Bunch of honey related items that spoof/decoy powersploit functions.☆18Apr 23, 2020Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆16Apr 23, 2020Updated 5 years ago
- Lateral Movement graph for Azure Active Directory☆127Dec 8, 2022Updated 3 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆31Jul 12, 2023Updated 2 years ago
- ☆57May 13, 2020Updated 5 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 5 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- Automate AV evasion by calling AMSI☆88May 31, 2023Updated 2 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 3 years ago
- IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.☆36Jan 20, 2022Updated 4 years ago
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 5 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆59Apr 1, 2022Updated 3 years ago
- Kerberoast Detection Script☆31Oct 31, 2024Updated last year
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆27Jun 25, 2024Updated last year
- Compilation of resources to help with Adversary Simulation automation harness☆100Aug 7, 2020Updated 5 years ago
- Simple .NET assembly to interact with services.☆43Sep 27, 2019Updated 6 years ago
- ☆18Sep 14, 2023Updated 2 years ago
- This repo contains code of JScript .NET which can be used as alternative to csc.exe to run potentially malicious code, which ships in all…☆13Nov 8, 2019Updated 6 years ago
- ☆167Feb 13, 2020Updated 6 years ago
- A library for fast parse & import of Windows Eventlogs into Elasticsearch.☆86Jun 23, 2025Updated 7 months ago
- macOS Artifact Intelligence Tool☆13Apr 30, 2019Updated 6 years ago
- ☆18Jul 3, 2020Updated 5 years ago
- Misc Threat Hunting Resources☆377Jan 26, 2023Updated 3 years ago
- Petaq - Purple Team Command & Control Server☆104Dec 8, 2022Updated 3 years ago
- PowerShell Empire module for logging USB keystrokes via ETW☆32Nov 11, 2016Updated 9 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data☆446Oct 19, 2022Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- POC for .NET mssql client for accessing database data through beacon☆64Sep 12, 2023Updated 2 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆30Mar 2, 2021Updated 4 years ago
- Building environments to replicate small networks and deploy applications☆330Jan 9, 2026Updated last month
- ☆28Mar 29, 2022Updated 3 years ago
- ☆99Feb 16, 2021Updated 5 years ago
- BloodHound Cypher Queries Ported to a Jupyter Notebook☆53Jun 20, 2020Updated 5 years ago
- Red Team Operator: Malware Development Essentials Course☆100Jun 18, 2020Updated 5 years ago
- Visual Studio (C++) Solution Template for Payloads☆18Oct 30, 2019Updated 6 years ago
- C# port of WMImplant which uses either CIM or WMI to query remote systems☆202Jul 14, 2021Updated 4 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Jul 11, 2023Updated 2 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆134Jan 31, 2022Updated 4 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Aug 15, 2019Updated 6 years ago