thinkst / defending-off-the-landLinks
Assortment of scripts and tools for our Blackhat EU 2024 talk
☆97Updated 6 months ago
Alternatives and similar repositories for defending-off-the-land
Users that are interested in defending-off-the-land are comparing it to the libraries listed below
Sorting:
- This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.☆91Updated 11 months ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 7 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- Active C&C Detector☆156Updated last year
- Living Off Security Tools☆45Updated 10 months ago
- Baseline a Windows System against LOLBAS☆29Updated last year
- A simple tool designed to create Atomic Red Team tests with ease.☆46Updated 5 months ago
- JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by …☆62Updated last week
- ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify …☆77Updated 10 months ago
- https://lolad-project.github.io/☆80Updated 7 months ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆42Updated 7 months ago
- DEFCON 31 slide deck and video link☆64Updated 2 months ago
- Living off the False Positive!☆38Updated 6 months ago
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127Updated last year
- Silver SAML forgery tool☆55Updated last year
- AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. …☆103Updated last month
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆40Updated 2 years ago
- Addon for BHCE☆50Updated 4 months ago
- ☆26Updated 2 years ago
- WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.☆148Updated 2 months ago
- Default Detections for EDR☆96Updated last year
- create a "simulated internet" cyber range environment☆17Updated 2 months ago
- Canary Detection☆187Updated 3 months ago
- ☆74Updated 2 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.☆52Updated 2 years ago
- All kinds of tiny shells☆58Updated 2 years ago
- ☆84Updated 2 years ago
- ☆82Updated 9 months ago
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …☆144Updated 3 weeks ago
- Enumerate Microsoft Entra ID (Azure AD) fast☆93Updated 4 months ago