sandflysecurity / sandfly-forensic-scripts
Small scripts to help with Linux forensics and incident response.
☆54 Updated 2 months ago
Alternatives and similar repositories for sandfly-forensic-scripts
Users that are interested in sandfly-forensic-scripts are comparing it to the libraries listed below
- DorkEye is a Python script for ethical dorking. The goal is to identify unintentionally exposed resources, such as sensitive files, login… ☆62 Updated 4 months ago
- APT hub. It helps research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs (1 yr), a… ☆53 Updated 8 months ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts. ☆124 Updated last year
- NTP Exfiltration Tool ☆148 Updated 2 years ago
- Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments. ☆79 Updated 2 months ago
- Share threat intelligence and detect tools about APT "NightEgle" (APT-Q-95) ☆40 Updated 4 months ago
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … ☆108 Updated 4 months ago
- IOCs and detection script for COATHANGER malware ☆55 Updated last year
- A tool to remotely detect unusual sessions opened on Windows machines using RPC ☆118 Updated 5 months ago
- Modular framework for automating triaging, malware analysis, and analyst workflows ☆43 Updated 6 months ago
- ☆56 Updated 10 months ago
- Signature based honeypot detector tool written in Golang ☆106 Updated 8 months ago
- Intelligent Malware that takes screenshots for entire monitors and exfiltrate them through Trusted Channel Slack to the C2 server that's … ☆128 Updated 8 months ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw… ☆146 Updated last year
- ☆49 Updated 9 months ago
- A simple scanner for identifying vulnerable cups-browsed instances on your network ☆65 Updated last year
- RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services … ☆103 Updated 7 months ago
- ☆72 Updated last month
- Rebuild of portspoof in GO with additional features. ☆25 Updated last month
- Nuke It From Orbit - remove AV/EDR with physical access ☆271 Updated 11 months ago
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. ☆196 Updated 3 weeks ago
- NoDelete is a tool that assists in malware analysis by locking a folder where malware drops files before deleting them. ☆48 Updated last week
- A short graduate course on cybercrime, cyberespionage, and cyberoperations ☆82 Updated 6 months ago
- 🤖 The Modern, Blazing Fast Port Scanner 🤖 ☆28 Updated 11 months ago
- Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP ☆83 Updated 6 months ago
- b3acon - a mail-based C2 that communicates via an in-memory C# IMAP client dynamically compiled in memory using PowerShell. ☆41 Updated 7 months ago
- PoC that downloads an executable from a public SSL certificate ☆134 Updated 4 months ago
- A collection of tools that I use in CTFs or for assessments ☆102 Updated 9 months ago
- Top 400 passwords as per HaveIBeenPwned ☆22 Updated last year
- ☆73 Updated 10 months ago