dluxtron's Stars
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
rootm0s/WinPwnage
UAC bypass, Elevate, Persistence methods
splunk/attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
hlldz/Phant0m
Windows Event Log Killer
tsale/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
splunk/security_content
Splunk Security Content
mdecrevoisier/Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
joshhighet/ransomwatch
the transparent ransomware claim tracker 🥷🏼🧅🖥️
circulosmeos/gdown.pl
Google Drive direct download of big files
splunk/attack_data
A repository of curated datasets from various attacks
enigma0x3/Misc-PowerShell-Stuff
random powershell goodness
mvelazc0/BadZure
BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.
netero1010/ScheduleRunner
A C# tool with more flexibility to customize scheduled tasks for both persistence and lateral movement in red team operations
mvelazc0/msInvader
M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response capabilities.
mdecrevoisier/Splunk-input-windows-baseline
Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event logs mapped to the MITRE ATT&CK
hire-vladimir/SA-cim_vladiator
Data validator against Splunk Common Information Model (CIM)
splunk/rba
RBA is Splunk's method to aggregate low-fidelity security events as interesting observations tagged with security metadata to create high-fidelity, low-volume alerts.
jwardsmith/Active-Directory-Exploitation
mvelazc0/SharpShareFinder
SharpShareFinder is a minimalistic network share discovery POC designed to enumerate shares in Windows Active Directory networks leveraging .NET parallelism.
ville87/ADSIx509
PS Scripts for authenticating to LDAP using x509 client certificate
ccl0utier/CorrelationRulesRunner
toadspestcontrol/toadcoin
Get Some!!!