tsale / TA_toolingLinks
☆10Updated 2 years ago
Alternatives and similar repositories for TA_tooling
Users that are interested in TA_tooling are comparing it to the libraries listed below
Sorting:
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆66Updated 3 years ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆79Updated 2 years ago
- ☆43Updated 3 years ago
- ☆45Updated 2 years ago
- ☆85Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆88Updated 3 years ago
- An Ansible role for installing Cobalt Strike.☆81Updated 2 weeks ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆70Updated 3 years ago
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆17Updated 4 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆58Updated 3 years ago
- Dump LSASS process in Task Manager without triggering Defender.☆18Updated 2 years ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.☆17Updated 4 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated 2 years ago
- Python tool to find vulnerable AD object and generating csv report☆26Updated 3 years ago
- ☆53Updated 5 years ago
- ☆27Updated 4 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆93Updated 2 years ago
- pypykatz plugin for volatility3 framework☆43Updated 4 months ago
- Service Enumeration C# .NET Assembly☆59Updated 4 years ago
- A module for CME that spiders across a domain.☆35Updated 3 years ago
- ☆74Updated 3 years ago
- ☆58Updated 2 years ago
- Tradecraft Development Fundamentals☆40Updated 4 years ago
- Get or remove RunMRU values☆59Updated 5 years ago
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 3 years ago
- ☆36Updated 2 years ago
- Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.☆68Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆52Updated 5 years ago
- This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix☆74Updated 3 years ago