splunk / melting-cobalt
A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
☆165Updated 2 years ago
Alternatives and similar repositories for melting-cobalt:
Users that are interested in melting-cobalt are comparing it to the libraries listed below
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆140Updated last year
- Cobalt Strike Beacon configuration extractor and parser.☆150Updated 3 years ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- Active C2 IoCs☆97Updated 2 years ago
- YARA rule analyzer to improve rule quality and performance☆97Updated 2 months ago
- ☆130Updated last year
- ☆86Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆200Updated 2 years ago
- Further investigation in to APT campaigns disclosed by private security firms and security agencies☆85Updated 2 years ago
- ☆67Updated 2 weeks ago
- Active C&C Detector☆152Updated last year
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage☆111Updated last year
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated 2 weeks ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆125Updated 2 years ago
- The Linux DFIR Collector is a stand-alone collection tool for Gnu / Linux. Dump artifacts in json format with very few impacts on the hos…☆30Updated 3 years ago
- IOC Collection 2022☆57Updated 2 years ago
- Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation☆106Updated 2 years ago
- Full of public notes and Utilities☆98Updated last month
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆138Updated last year
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.☆160Updated last month
- A Python package is used to execute Atomic Red Team tests (Atomics) across multiple operating system environments.☆137Updated 7 months ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆94Updated last year
- Sigma rules to share with the community☆119Updated last month
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆149Updated last year
- Detection Ideas & Rules repository.☆179Updated 3 years ago
- Load any Beacon Object File using Powershell!☆248Updated 3 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆151Updated 3 years ago
- A python script developed to process Windows memory images based on triage type.☆260Updated last year
- Linux Evidence Acquisition Framework☆114Updated 5 months ago