sandflysecurity / sandfly-forensic-scripts
Small scripts to help with Linux forensics and incident response.
★ 55, updated 2 months ago
Alternatives and similar repositories for sandfly-forensic-scripts
Users that are interested in sandfly-forensic-scripts are comparing it to the libraries listed below
- NTP Exfiltration Tool. ★ 148, updated 2 years ago
- 🚀 The Modern, Blazing Fast Port Scanner 🚀. ★ 28, updated 11 months ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity in the network traffic you have recorded on the netw… ★ 146, updated last year
- ★ 49, updated 10 months ago
- Inboxfuscation is an advanced offensive and defensive framework for mailbox rule obfuscation and detection in Exchange environments. ★ 79, updated 3 months ago
- ★ 56, updated 10 months ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts. ★ 124, updated last year
- A tool to remotely detect unusual sessions opened on Windows machines using RPC. ★ 118, updated 6 months ago
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them. ★ 49, updated last month
- A simple scanner for identifying vulnerable cups-browsed instances on your network. ★ 65, updated last year
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. ★ 196, updated last month
- ★ 80, updated last month
- Signature-based honeypot detector tool written in Golang. ★ 107, updated 8 months ago
- Rebuild of portspoof in Go with additional features. ★ 24, updated last month
- Modular framework for automating triaging, malware analysis, and analyst workflows. ★ 43, updated 7 months ago
- Intelligent malware that takes screenshots of entire monitors and exfiltrates them through the trusted channel Slack to the C2 server that's … ★ 129, updated 8 months ago
- IOCs and detection script for COATHANGER malware. ★ 55, updated last year
- DorkEye is a Python script for ethical dorking. The goal is to identify unintentionally exposed resources, such as sensitive files, login… ★ 63, updated 5 months ago
- Analyze pcaps with Zeek and a Grafana Dashboard. ★ 188, updated last year
- APT emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files. ★ 94, updated 8 months ago
- Kooky cURL-powered replacement for reverse shell via /dev/tcp. ★ 75, updated last week
- An offensive post-exploitation tool that will give you complete control over the Outlook desktop application and therefore the emails c… ★ 166, updated last year
- An AI-driven vulnerability scanner that uses Nmap to discover open services on a user-supplied IP, matches each service to relevant CVEs … ★ 47, updated 6 months ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … ★ 110, updated 5 months ago
- Nuke It From Orbit: remove AV/EDR with physical access. ★ 270, updated last year
- SECurityTr8Ker monitors the SEC's RSS feed for 8-K filings with cybersecurity incident disclosures. ★ 90, updated 6 months ago
- APT hub: helps researchers collect information and data on the latest APT activities. It collects data on APT profiles, IOCs (1 yr), a… ★ 53, updated 9 months ago
- Purple-team telemetry and simulation toolkit. ★ 96, updated this week
- A graphical automation to monitor whether backdoors/default settings are still active on the compromised machines over time. ★ 44, updated last year
- RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services … ★ 103, updated 8 months ago