sisoc-tokyo / Real-timeDetectionAD_ver2Links
☆82Updated 4 years ago
Alternatives and similar repositories for Real-timeDetectionAD_ver2
Users that are interested in Real-timeDetectionAD_ver2 are comparing it to the libraries listed below
Sorting:
- Splunk Dashboard for CobaltStrike logs☆89Updated 4 years ago
- Exercises for C# Workshop at Wild West Hackin' Fest 2018 & 2019.☆64Updated 5 years ago
- Community maintained list of most popular HIPS service and process names on a Windows Platform.☆43Updated 3 years ago
- Joystick is a tool that gives you the ability to transform the ATT&CK Evaluations data into concise views that brings forward the nuances…☆64Updated 2 years ago
- BloodHound Cypher Queries Ported to a Jupyter Notebook☆53Updated 5 years ago
- LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network☆74Updated 6 years ago
- Slides from my talk in "Hackinparis" 2019 edition☆91Updated 6 years ago
- Repository for my ATT&CK analysis research.☆69Updated 6 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago
- ☆53Updated 6 years ago
- PowerAvails is a unit of collection of Powershell modules that help you get done many things☆118Updated 6 years ago
- Simulating Adversary Operations☆96Updated 7 years ago
- ☆139Updated 5 years ago
- A Powershell implementation of PrivExchange designed to run under the current user's context☆125Updated 6 years ago
- Monitors for DCSYNC and DCSHADOW attacks and create custom Windows Events for these events.☆141Updated 7 years ago
- A repo for holding cheat sheets for myself that cover various penetration testing tools and commands.☆41Updated 7 years ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically g…☆98Updated 2 years ago
- A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs.☆172Updated 6 months ago
- Toolset for research malware and Cobalt Strike beacons☆211Updated 6 months ago
- Sysmon config for both Windows and Linux Devices. Windows one is a bit dated☆56Updated last year
- Some .ps1 scripts for pentesting☆136Updated 4 years ago
- Aggregation of Cobalt Strike's aggressor scripts.☆142Updated 7 years ago
- DLL Password Filter Implant with Exfiltration Capabilities☆138Updated 5 years ago
- Ex-pv8's☆64Updated 6 years ago
- An Insider Threat Toolkit☆153Updated 6 years ago
- ☆25Updated 4 years ago
- Generate ATT&CK Navigator layer file from PowerShell Empire agent logs☆48Updated 7 years ago
- Resources for our Active Directory security workshops☆140Updated 4 years ago
- Dashboarding and Tooling front-end for PowerShell Empire using PowerShell Universal Dashboard☆104Updated 6 years ago
- A MITRE Caldera plugin written in Python 3 used to convert Red Canary Atomic Red Team Tests to MITRE Caldera Stockpile YAML ability files…☆73Updated 3 years ago