sandflysecurity / sandfly-forensic-scripts
Small scripts to help with Linux forensics and incident response.
☆51 · Updated 3 months ago
Alternatives and similar repositories for sandfly-forensic-scripts
Users that are interested in sandfly-forensic-scripts are comparing it to the libraries listed below
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts. ☆121 · Updated last year
- A tool to remotely detect unusual sessions opened on Windows machines using RPC ☆116 · Updated 3 months ago
- Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP ☆81 · Updated 4 months ago
- 🤖 The Modern, Blazing Fast Port Scanner 🤖 ☆28 · Updated 8 months ago
- A delicious, but malicious SSL-VPN server 🌮 ☆250 · Updated 3 weeks ago
- Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments. ☆25 · Updated 2 weeks ago
- A simple scanner for identifying vulnerable cups-browsed instances on your network ☆62 · Updated 11 months ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw… ☆147 · Updated last year
- NTP Exfiltration Tool ☆146 · Updated last year
- A scalable web app features LiveView authentication, user roles and permission system, and secure S3/Wasabi uploads. It calculates file h… ☆86 · Updated 4 months ago
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. ☆197 · Updated last month
- APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files ☆93 · Updated 5 months ago
- Kooky cURL-powered replacement for reverse shell via /dev/tcp ☆69 · Updated 3 weeks ago
- Python alternative to Mimikatz lsadump::dcshadow ☆153 · Updated 3 months ago
- Ping-based Information Lookup and Outbound Transfer ☆79 · Updated last year
- ModTracer finds hidden Linux kernel rootkits and then makes them visible again. ☆85 · Updated 6 months ago
- A web application that allows users to check whether their SPF, DMARC and DKIM configuration is set up correctly. ☆145 · Updated last week
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time. ☆45 · Updated last year
- Rebuild of portspoof in Go with additional features. ☆19 · Updated last week
- Nuke It From Orbit - remove AV/EDR with physical access ☆263 · Updated 9 months ago
- A short graduate course on cybercrime, cyberespionage, and cyberoperations ☆81 · Updated 4 months ago
- An SSH honeypot with the XZ backdoor. CVE-2024-3094 ☆144 · Updated last year
- Share threat intelligence and detection tools about APT "NightEagle" (APT-Q-95) ☆39 · Updated 2 months ago
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts. ☆43 · Updated last month
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … ☆107 · Updated 2 months ago
- An offensive post-exploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c… ☆166 · Updated 11 months ago
- In-Memory Rootkit For Linux and BSD ☆81 · Updated last month