Stars
Resources About Dynamic Binary Instrumentation and Dynamic Binary Analysis
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Six Degrees of Domain Admin
Attack and defend active directory using modern post exploitation adversary tradecraft activity
Automate the creation of a lab environment complete with security tooling and logging best practices
Master the command line, in one page
Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technical Guidance for Windows Event Logging.
Python Script to access ATT&CK content available in STIX via a public TAXII server
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API
Data from a BRAWL Automated Adversary Emulation Exercise
Automated Collection and Enrichment Platform
Hide your PowerShell script in plain sight. Bypass all PowerShell security features
This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/EnterpriseAPT29Eval for round 2 information.
VMware Hardened VM detection mitigation loader (anti anti-vm)
Advanced usermode anti-anti-debugger. Forked from https://bitbucket.org/NtQuery/scyllahide
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
StreamAlert is a serverless, real-time data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
A post-exploitation powershell tool for extracting juicy info from memory.
A customizable, modular, responsive, lightbox gallery plugin.
The goal of this repository is to document the most common techniques to bypass AppLocker.
Cmd.exe Command Obfuscation Generator & Detection Test Harness