mopaw

mopaw's Stars

• trustedsec/unicorn

  Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

  Language:Python3.7k231142812

• iagox86/dnscat2

  Language:PHP3.3k136146587

• RhinoSecurityLabs/cloudgoat

  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

  Language:Python2.8k71104582

• activecm/rita

  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

  Language:Go2.5k112388359

• mattnotmax/cyberchef-recipes

  A list of cyber-chef recipes and curated links

  1.9k906253

• m57/dnsteal

  DNS Exfiltration tool for stealthily sending files over DNS requests.

  Language:Python1.7k7710230

• ipinfo/cli

  Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)

  Language:Go1.7k3093139

• philhagen/sof-elk

  Configuration files for the SOF-ELK VM

  Language:Shell1.5k112281272

• jstrosch/malware-samples

  Malware samples, analysis exercises and other interesting resources.

  Language:HTML1.4k870222

• hakluke/hakrevdns

  Small, fast tool for performing reverse DNS lookups en masse.

  Language:Go1.4k199152

• tsale/EDR-Telemetry

  This project aims to compare and evaluate the telemetry of various EDR products.

  Language:Python1.3k4825123

• Gerenios/AADInternals

  AADInternals PowerShell module for administering Azure AD and Office 365

  Language:PowerShell1.2k3366203

• megadose/OnionSearch

  OnionSearch is a script that scrapes urls on different .onion search engines.

  Language:Python1.1k2626151

• netevert/sentinel-attack

  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

  Language:HCL1k7140207

• Arno0x/DNSExfiltrator

  Data exfiltration over DNS request covert channel

  Language:JavaScript830398180

• 3lp4tr0n/BeaconHunter

  Detect and respond to Cobalt Strike beacons using ETW.

  Language:C#47210146

• mandiant/iocs

  FireEye Publicly Shared Indicators of Compromise (IOCs)

  4611605116

• evild3ad/MemProcFS-Analyzer

  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

  Language:PowerShell414202747

• lukebaggett/dnscat2-powershell

  A Powershell client for dnscat2, an encrypted DNS command and control tool.

  Language:PowerShell379199119

• CrowdStrike/falconpy

  The CrowdStrike Falcon SDK for Python

  Language:Python31414353104

• Josue87/EmailFinder

  Search emails from a domain through search engines

  Language:Python2939360

• ANSSI-FR/DFIR-O365RC

  PowerShell module for Office 365 and Azure log collection

  Language:PowerShell22712330

• nebulous/infinitude

  Open control of Carrier/Bryant thermostats

  Language:Perl2235314648

• trickest/dsieve

  Filter and enrich a list of subdomains by level

  Language:Go1837425

• zeek/zeek-agent

  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2

  Language:C++124234023

• krmaxwell/dns-exfiltration

  Exfiltrate files via DNS

  Language:Python975422

• center-for-threat-informed-defense/public-resources

  Collection of resources related to the Center for Threat-Informed Defense

  Language:PowerShell7519116

• likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections

  Language:JavaScript296011

• swarmframework/swarm

  SWARM Framework

  Language:Python9100

• websecurify/go-camouflage

  Language:Go73