sandflysecurity / sandfly-forensic-scripts
Small scripts to help with Linux forensics and incident response.
☆51, updated last month
Alternatives and similar repositories for sandfly-forensic-scripts
Users that are interested in sandfly-forensic-scripts are comparing it to the libraries listed below
- NTP Exfiltration Tool (☆142, updated last year)
- The Modern, Blazing Fast Port Scanner (☆28, updated 7 months ago)
- RADAR (Rapid Assessment of DNS And Reconnaissance) is an advanced DNS reconnaissance tool designed to identify technologies and services … (☆100, updated 3 months ago)
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts. (☆121, updated last year)
- Find S3 AWS/GCP/Azure buckets while surfing. S3DNS acts as DNS server, follows CNAMEs and matches any bucket pattern (☆76, updated last month)
- An ssh honeypot with the XZ backdoor. CVE-2024-3094 (☆143, updated last year)
- Modular framework for automating triaging, malware analysis, and analyst workflows (☆42, updated 3 months ago)
- A simple scanner for identifying vulnerable cups-browsed instances on your network (☆61, updated 10 months ago)
- A delicious, but malicious SSL-VPN server (☆243, updated last week)
- A scalable web app features LiveView authentication, user roles and permission system, and secure S3/Wasabi uploads. It calculates file h… (☆86, updated 3 months ago)
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer… (☆370, updated last year)
- Nuke It From Orbit - remove AV/EDR with physical access (☆262, updated 8 months ago)
- ☆54, updated 6 months ago
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw… (☆147, updated last year)
- Make BASH stealthy and hacker friendly with lots of bash functions (☆261, updated last month)
- LDAP Watchdog: A real-time linux-compatible LDAP monitoring tool for detecting directory changes, providing visibility into additions, mo… (☆188, updated 3 months ago)
- Wireshark RDP resources (☆215, updated 2 months ago)
- ModTracer finds hidden Linux kernel rootkits and then makes them visible again. (☆84, updated 5 months ago)
- A tool to remotely detect unusual sessions opened on windows machines using RPC (☆117, updated 2 months ago)
- A short graduate course on cybercrime, cyberespionage, and cyberoperations (☆81, updated 2 months ago)
- ☆46, updated 5 months ago
- Intelligent Malware that takes screenshots for entire monitors and exfiltrates them through Trusted Channel Slack to the C2 server that's … (☆121, updated 4 months ago)
- Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up. (☆198, updated this week)
- An AI-driven vulnerability scanner that uses Nmap to discover open services on a user-supplied IP, matches each service to relevant CVEs … (☆46, updated 2 months ago)
- Analyze pcaps with Zeek and a Grafana Dashboard (☆181, updated last year)
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time. (☆44, updated last year)
- A repository of advice and guides to share with friends and family who are concerned about their safety during online activities and the … (☆132, updated last year)
- Kooky cURL-powered replacement for reverse shell via /dev/tcp (☆65, updated last month)
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. … (☆99, updated 2 weeks ago)
- b3acon - a mail-based C2 that communicates via an in-memory C# IMAP client dynamically compiled in memory using PowerShell. (☆37, updated 3 months ago)