sandflysecurity / sandfly-forensic-scripts
Small scripts to help with Linux forensics and incident response.
☆53, updated last month
Alternatives and similar repositories for sandfly-forensic-scripts
Users interested in sandfly-forensic-scripts are comparing it to the repositories listed below.
- NTP Exfiltration Tool (☆146, updated last year)
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw… (☆146, updated last year)
- An AI-driven vulnerability scanner that uses Nmap to discover open services on a user-supplied IP, matches each service to relevant CVEs … (☆47, updated 5 months ago)
- A delicious, but malicious SSL-VPN server 🌮 (☆252, updated last month)
- LDAP Watchdog: A real-time Linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, mo… (☆190, updated 6 months ago)
- A tool to remotely detect unusual sessions opened on Windows machines using RPC (☆117, updated 4 months ago)
- 🤖 The Modern, Blazing Fast Port Scanner 🤖 (☆28, updated 10 months ago)
- Share threat intelligence and detection tools about APT "NightEgle" (APT-Q-95) (☆40, updated 3 months ago)
- Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments. (☆79, updated last month)
- ☆49, updated 8 months ago
- Analyze pcaps with Zeek and a Grafana Dashboard (☆186, updated last year)
- Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script) (☆147, updated last year)
- In-Memory Rootkit For Linux and BSD (☆84, updated 2 months ago)
- An ssh honeypot with the XZ backdoor. CVE-2024-3094 (☆144, updated last year)
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts. (☆122, updated last year)
- Modular framework for automating triaging, malware analysis, and analyst workflows (☆42, updated 6 months ago)
- ModTracer finds hidden Linux kernel rootkits and then makes them visible again. (☆88, updated 8 months ago)
- RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services … (☆103, updated 6 months ago)
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer… (☆374, updated last year)
- A short graduate course on cybercrime, cyberespionage, and cyberoperations (☆81, updated 5 months ago)
- Make BASH stealthy and hacker friendly with lots of bash functions (☆269, updated last month)
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts. (☆43, updated last month)
- Analyse MSI files for vulnerabilities (☆138, updated last year)
- Find S3 AWS/GCP/Azure buckets while surfing. S3DNS acts as a DNS server, follows CNAMEs and matches any bucket pattern (☆109, updated last month)
- ☆55, updated 9 months ago
- Cheat sheet to detect and remove Linux kernel rootkits (☆74, updated 10 months ago)
- ☆52, updated 3 months ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … (☆108, updated 3 months ago)
- A comprehensive tool that provides an insightful analysis of Microsoft's monthly security updates. (☆189, updated 7 months ago)
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files (☆127, updated last year)