sandflysecurity / sandfly-forensic-scripts
Small scripts to help with Linux forensics and incident response.
☆51, updated 2 months ago
Alternatives and similar repositories for sandfly-forensic-scripts
Users interested in sandfly-forensic-scripts are comparing it to the repositories listed below.
- NTP Exfiltration Tool (☆145, updated last year)
- Nuke It From Orbit - remove AV/EDR with physical access (☆262, updated 8 months ago)
- Establishes persistence on a Linux system by creating a udev rule that triggers the execution of a specified payload (binary or script) (☆146, updated last year)
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts. (☆120, updated last year)
- A delicious, but malicious SSL-VPN server 🌮 (☆248, updated last month)
- A simple scanner for identifying vulnerable cups-browsed instances on your network (☆61, updated 10 months ago)
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw… (☆147, updated last year)
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … (☆105, updated last month)
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files (☆127, updated last year)
- Hacking Hotspots: Pre-Auth Remote Code Execution, Arbitrary SMS & Adjacent Attacks on 5G & 4G LTE Routers (☆73, updated last week)
- Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP (☆81, updated 3 months ago)
- Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis (☆65, updated 11 months ago)
- 🤖 The Modern, Blazing Fast Port Scanner 🤖 (☆28, updated 8 months ago)
- Analyze pcaps with Zeek and a Grafana Dashboard (☆182, updated last year)
- Kooky cURL-powered replacement for reverse shell via /dev/tcp (☆65, updated 2 months ago)
- An AI-driven vulnerability scanner that uses Nmap to discover open services on a user-supplied IP, matches each service to relevant CVEs … (☆46, updated 3 months ago)
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. (☆198, updated 3 weeks ago)
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time. (☆45, updated last year)
- An ssh honeypot with the XZ backdoor. CVE-2024-3094 (☆144, updated last year)
- APT Emulation tool to exfiltrate sensitive .docx, .pptx, .xlsx, .pdf files (☆92, updated 5 months ago)
- A scalable web app features LiveView authentication, user roles and permission system, and secure S3/Wasabi uploads. It calculates file h… (☆86, updated 4 months ago)
- RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services … (☆101, updated 4 months ago)
- (no description) (☆48, updated 6 months ago)
- An archive of 0day.today exploits (☆156, updated last month)
- Share threat intelligence and detection tools about APT "NightEgle" (APT-Q-95) (☆37, updated last month)
- Intelligent Malware that takes screenshots for entire monitors and exfiltrates them through Trusted Channel Slack to the C2 server that's … (☆124, updated 5 months ago)
- DorkEye is a Python script for ethical dorking. The goal is to identify unintentionally exposed resources, such as sensitive files, login… (☆51, updated last month)
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts. (☆41, updated last month)
- APT hub, it helps researchers collect information and data on the latest APT activities. It collects data on APT profiles, IOCs (1 yr), a… (☆52, updated 5 months ago)
- Modular framework for automating triaging, malware analysis, and analyst workflows (☆42, updated 3 months ago)