A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object
☆168Oct 14, 2022Updated 3 years ago
Alternatives and similar repositories for melting-cobalt
Users that are interested in melting-cobalt are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Presentation materials for talks I've given.☆20Oct 14, 2019Updated 6 years ago
- Defences against Cobalt Strike☆1,301Jul 14, 2022Updated 3 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆68Apr 12, 2022Updated 4 years ago
- ☆36Jan 11, 2023Updated 3 years ago
- macOS forensic timeline generator using the analysis result DBs of mac_apt☆94Sep 7, 2023Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Code and yara rules to detect and analyze Cobalt Strike☆273May 5, 2021Updated 4 years ago
- A parser of Windows Defender's DetectionHistory forensic artifact, containing substantial info about quarantined files and executables.☆118Jan 26, 2022Updated 4 years ago
- Open Dataset of Cobalt Strike Beacon metadata (2018-2022)☆133Mar 28, 2022Updated 4 years ago
- Converting data from services like Censys and Shodan to a common data model☆52Apr 14, 2026Updated 3 weeks ago
- A repository of curated datasets from various attacks☆764Updated this week
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆21Sep 6, 2022Updated 3 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆209Jul 21, 2022Updated 3 years ago
- ☆21May 8, 2022Updated 3 years ago
- Scan files or process memory for CobaltStrike beacons and parse their configuration☆922Aug 19, 2021Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆14Mar 9, 2023Updated 3 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Jan 31, 2022Updated 4 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆64Apr 4, 2026Updated last month
- C# Data Collector for the BloodHound Project, Version 3☆37Dec 28, 2021Updated 4 years ago
- ☆1,134Dec 19, 2023Updated 2 years ago
- ☆16Apr 16, 2017Updated 9 years ago
- Automatically created C2 Feeds☆677Updated this week
- Aims to identify sleeping beacons☆667Jan 25, 2026Updated 3 months ago
- Blueteam operational triage registry hunting/forensic tool.☆148Sep 2, 2025Updated 8 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Generates network traffic summaries.☆23Apr 8, 2026Updated 3 weeks ago
- Detect and respond to Cobalt Strike beacons using ETW.☆517Jul 15, 2022Updated 3 years ago
- An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.☆340Dec 3, 2025Updated 5 months ago
- ☆24Sep 28, 2022Updated 3 years ago
- ☆22Aug 31, 2022Updated 3 years ago
- Python-based cloud node for local use☆11Mar 7, 2018Updated 8 years ago
- ☆54Sep 6, 2020Updated 5 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆97Mar 8, 2023Updated 3 years ago
- Detect Tactics, Techniques & Combat Threats☆2,286Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ELF Sectional docking payload injector system☆21Jun 28, 2022Updated 3 years ago
- A small tool to easily mount APFS image on macOS for forensics.☆17Jul 30, 2020Updated 5 years ago
- ☆451Aug 4, 2021Updated 4 years ago
- VSCode extension for the YARA pattern matching language☆63Jan 10, 2024Updated 2 years ago
- Rules generated from our investigations.☆208Jun 17, 2025Updated 10 months ago
- A list of JARM hashes for different ssl implementations used by some C2/red team tools.☆143Apr 20, 2023Updated 3 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆159Jun 15, 2023Updated 2 years ago