trustedsec / tscopy

Related projects ⓘ

Alternatives and complementary repositories for tscopy

• darkoperator / vscode-sysmon
  Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.
  ☆51Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆90Updated 2 years ago
• cobbr / InsecurePowerShell
  InsecurePowerShell is PowerShell with some security features removed.
  ☆101Updated 6 years ago
• mkorman90 / sysmon-config-bypass-finder
  Detect possible sysmon logging bypasses given a specific configuration
  ☆107Updated 5 years ago
• S3cur3Th1sSh1t / Get-System-Techniques
  ☆89Updated 2 years ago
• kacos2000 / Evtx_Log_Browser
  Evtx Log (xml) Browser
  ☆55Updated last year
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆43Updated 3 years ago
• darmado / Atomic-Red-Team-C2
  ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabili…
  ☆171Updated 2 months ago
• jschicht / SetMace
  Manipulate timestamps on NTFS
  ☆49Updated 10 years ago
• OmerYa / Babel-Shellfish
  Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.
  ☆41Updated 6 years ago
• GoSecure / DLLPasswordFilterImplant
  DLL Password Filter Implant with Exfiltration Capabilities
  ☆134Updated 4 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆72Updated 2 years ago
• kacos2000 / Prefetch-Browser
  Browse Windows Prefetch versions: 17,23,26,30v1/2 & some of SuperFetch .7db/.db's
  ☆40Updated 9 months ago
• DidierStevens / AdHoc
  AdHoc solutions
  ☆48Updated last year
• OTRF / Set-AuditRule
  Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity
  ☆88Updated 2 years ago
• mandiant / goauditparser
  ☆43Updated last year
• airbus-cert / ntTraceControl
  Powershell Event Tracing Toolbox
  ☆72Updated 2 years ago
• sumeshi / evtx2es
  A library for fast parse & import of Windows Eventlogs into Elasticsearch.
  ☆82Updated 4 months ago
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 3 years ago
• slaughterjames / excelpeek
  ☆37Updated 2 years ago
• nmantani / PS-TrustedDocuments
  PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office
  ☆34Updated last year
• trustedsec / SysWhispers
  AV/EDR evasion via direct system calls.
  ☆32Updated 3 years ago
• trustedsec / defensive-scripts
  ☆45Updated last year
• WithSecureLabs / ppid-spoofing
  Scripts for performing and detecting parent PID spoofing
  ☆139Updated 4 years ago
• ANSSI-FR / bits_parser
  Extract BITS jobs from QMGR queue and store them as CSV records
  ☆74Updated 4 months ago
• ignacioj / mftf
  $MFT parser (from live systems or a copy of the $MFT) and raw file copy utility
  ☆36Updated 4 months ago
• wietze / windows-command-line-obfuscation
  Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.
  ☆140Updated 3 years ago
• silence-is-best / files
  ☆94Updated last month
• aahmad097 / Tritium
  Password Spraying Framework
  ☆63Updated 2 years ago