Userland API monitor for threat hunting
☆58Mar 4, 2020Updated 6 years ago
Alternatives and similar repositories for Captain
Users that are interested in Captain are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Live hunting of code injection techniques☆386Aug 22, 2019Updated 6 years ago
- C# Process Hollowing POC☆19Jan 5, 2023Updated 3 years ago
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- OSSEM Modular☆27Jun 29, 2020Updated 5 years ago
- Various commands, tools, techniques that you can use to examine live Windows systems for signs of Compromise or for Threat Hunting.Can al…☆15Aug 15, 2022Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- BackdoorMan is a toolkit that helps you find malicious, hidden and suspicious PHP scripts and shells in a chosen destination.☆77Dec 13, 2022Updated 3 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 5 years ago
- a program to detect reflective dll injection on a live machine☆76Dec 12, 2015Updated 10 years ago
- An experimental dynamic malware unpacker based on Intel Pin and PE-sieve☆63Aug 21, 2024Updated last year
- This script runs multithreading module that connects to a remote TCP server, monitors active (opened) Microsoft Word documents (.doc,.doc…☆33Jul 24, 2020Updated 5 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 6 years ago
- ☆21Jan 28, 2020Updated 6 years ago
- SIEM USE Case Selection Methodology☆17Sep 18, 2020Updated 5 years ago
- Kerberoast Detection Script☆30Oct 31, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Shellcode runner in Rust☆34Oct 30, 2020Updated 5 years ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆19Jun 12, 2022Updated 3 years ago
- Go Lang Portable Executable Parser☆39Mar 31, 2021Updated 5 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆59Apr 1, 2022Updated 4 years ago
- PowerShell script for hunting webshells on Microsoft Exchange Servers.☆56Feb 1, 2017Updated 9 years ago
- (kinda) Malicious Outlook Reader☆138Mar 3, 2021Updated 5 years ago
- Powershell collection designed to assist in Threat Hunting Windows systems.☆27Apr 13, 2018Updated 8 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆40Apr 8, 2021Updated 5 years ago
- ☆12Feb 8, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- QuickSQL is a simple MSSQL query tool that allows you to connect to MSSQL databases and does not require administrative level rights to u…☆104Apr 17, 2020Updated 6 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Oct 7, 2020Updated 5 years ago
- Extendable payload obfuscation and delivery framework☆144Nov 4, 2022Updated 3 years ago
- Anti-Malware security solution for Windows environment.☆20Jul 10, 2021Updated 4 years ago
- Red Team C2 and Post Exploitation code☆36Mar 10, 2026Updated last month
- Burp Report Generator☆11Mar 1, 2025Updated last year
- RDP Checker☆65Feb 23, 2024Updated 2 years ago
- ☆112Jul 24, 2023Updated 2 years ago
- MSBuild without MSbuild.exe☆135Dec 21, 2020Updated 5 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Visual Studio (C++) Solution Template for Payloads☆18Oct 30, 2019Updated 6 years ago
- Vulnerable Windows Driver with exploits which were used for demonstration purposes on Hunting and exploiting bugs in kernel drivers prese…☆13Jan 29, 2013Updated 13 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 5 years ago
- This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010 AKA EternalBlue☆12Dec 31, 2018Updated 7 years ago
- SEC599 supporting GitHub repository☆16Sep 14, 2019Updated 6 years ago