Swap digger: swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searches the swap contents for Linux user credentials, web form credentials, web form email addresses, HTTP Basic authentication headers, Wi-Fi SSIDs and keys, etc.
Stars: ✭ 354 (+109.47%)
Mutual labels: dfir, post-exploitation
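To show what the "searches for ... credentials" part of that description amounts to in practice, here is an added example of swap carving written for this page; it is not swap_digger's own code. A swap partition is raw page contents with no file-system structure, so the only handle is byte patterns: the example carves HTTP Basic tokens, /etc/shadow-style hash lines, wpa_supplicant `ssid`/`psk` pairs and URL-encoded login-form bodies out of a constructed byte string, and scans a real image in overlapping chunks so that a hit straddling a chunk boundary is not lost. The sample bytes, the regular expressions and the function names are all assumptions made for the example.

```python
import base64
import binascii
import io
import re
from urllib.parse import unquote_plus

# Constructed sample of what a Linux swap partition can contain: a paged-out HTTP
# request, a fragment of /etc/shadow, a wpa_supplicant.conf block and a POSTed
# login form, surrounded by unrelated bytes.  Illustrative data, not a real capture.
SAMPLE_SWAP = (
    b"\x00" * 64
    + b"GET /admin HTTP/1.1\r\nHost: intranet.example\r\n"
    + b"Authorization: Basic " + base64.b64encode(b"alice:Summer2024!") + b"\r\n\r\n"
    + b"\xff\x00\x13" * 20
    + b"root:$6$rounds=5000$saltsalt$" + b"A" * 86 + b":19000:0:99999:7:::\n"
    + b"\x00" * 32
    + b'network={\n\tssid="CorpWiFi"\n\tpsk="hunter2hunter2"\n}\n'
    + b"\x7fELF" + b"\x00" * 40
    + b"username=bob&password=p%40ssw0rd&submit=Login"
    + b"\x00" * 16
)

# Illustrative patterns for the artefact classes named in the swap_digger description.
# They are deliberately loose because swap offers no structure beyond the bytes.
BASIC_AUTH_RE = re.compile(rb"Authorization:\s*Basic\s+([A-Za-z0-9+/=]{4,})")
SHADOW_RE = re.compile(rb"([a-z_][a-z0-9_-]{0,31}):(\$(?:1|2[aby]?|5|6|y)\$[^:\s]{8,}):")
WIFI_RE = re.compile(rb'ssid="([^"\n]+)"[^}]*?psk="([^"\n]+)"')
FORM_RE = re.compile(rb"(?:user(?:name)?|login|email)=([^&\s]+)&(?:pass(?:word|wd)?|pwd)=([^&\s]+)")


def _text(b: bytes) -> str:
    return b.decode("utf-8", errors="replace")


def find_basic_auth(data: bytes) -> list[tuple[str, str]]:
    """Decode each Basic token that is valid base64 and has the user:password shape."""
    found = []
    for token in BASIC_AUTH_RE.findall(data):
        try:
            decoded = base64.b64decode(token, validate=True)
        except binascii.Error:
            continue  # not real base64, just bytes that happened to look like it
        if b":" not in decoded:
            continue
        user, _, password = decoded.partition(b":")
        found.append((_text(user), _text(password)))
    return found


def find_shadow_hashes(data: bytes) -> list[tuple[str, str]]:
    return [(_text(u), _text(h)) for u, h in SHADOW_RE.findall(data)]


def find_wifi_psks(data: bytes) -> list[tuple[str, str]]:
    return [(_text(s), _text(p)) for s, p in WIFI_RE.findall(data)]


def find_form_credentials(data: bytes) -> list[tuple[str, str]]:
    # Form bodies are URL-encoded, so decode before reporting.
    return [(unquote_plus(_text(u)), unquote_plus(_text(p))) for u, p in FORM_RE.findall(data)]


def carve_credentials(data: bytes) -> dict[str, list[tuple[str, str]]]:
    return {
        "basic_auth": find_basic_auth(data),
        "shadow_hashes": find_shadow_hashes(data),
        "wifi_psks": find_wifi_psks(data),
        "form_credentials": find_form_credentials(data),
    }


def scan_swap_stream(fh, chunk_size: int = 8 * 1024 * 1024, overlap: int = 64 * 1024) -> dict:
    """Carve a swap image read from a binary stream in chunks.

    Each window keeps the last `overlap` bytes of the previous one, so an artefact
    shorter than `overlap` is always seen whole in some window; the same hit can then
    appear twice, so results are de-duplicated while keeping first-seen order.
    """
    merged: dict[str, dict[tuple[str, str], None]] = {}
    carry = b""
    while True:
        block = fh.read(chunk_size)
        if not block:
            break
        window = carry + block
        for kind, hits in carve_credentials(window).items():
            merged.setdefault(kind, {}).update(dict.fromkeys(hits))
        carry = window[-overlap:]
    return {kind: list(hits) for kind, hits in merged.items()}


def scan_swap_bytes(data: bytes, **kwargs) -> dict:
    return scan_swap_stream(io.BytesIO(data), **kwargs)


def scan_swap_file(path: str, **kwargs) -> dict:
    """Scan e.g. a dd copy of the swap partition or a /swapfile (assumed already extracted)."""
    with open(path, "rb") as fh:
        return scan_swap_stream(fh, **kwargs)


if __name__ == "__main__":
    import sys
    result = scan_swap_file(sys.argv[1]) if len(sys.argv) > 1 else scan_swap_bytes(SAMPLE_SWAP)
    for kind, hits in result.items():
        for user, secret in hits:
            print(f"{kind}: {user} -> {secret}")
```

The overlap must exceed the longest artefact you expect (a SHA-512 crypt line is well over 100 bytes); with too small an overlap the chunked scan silently misses hits that a one-shot scan of the same bytes would find, which is the check worth running before trusting a negative result.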
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+1211.83%)
Mutual labels: dfir
Lolbas: Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+791.12%)
Mutual labels: dfir
Evilosx: An evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+980.47%)
Mutual labels: post-exploitation
Cacador: Indicator Extractor
Stars: ✭ 115 (-31.95%)
Mutual labels: dfir
Logontracer: Investigate malicious Windows logons by visualizing and analyzing Windows event logs
Stars: ✭ 1,914 (+1032.54%)
Mutual labels: dfir
Bella: Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS. 🍎💻
Stars: ✭ 112 (-33.73%)
Mutual labels: post-exploitation
Shhmon: Neutering Sysmon via driver unload
Stars: ✭ 166 (-1.78%)
Mutual labels: evasion
Oriana: Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The results are presented in a web layer to help defenders identify outliers and suspicious behavior in corporate environments.
Stars: ✭ 152 (-10.06%)
Mutual labels: dfir
Mthc: All-in-one bundle of MISP, TheHive and Cortex
Stars: ✭ 134 (-20.71%)
Mutual labels: dfir
Evasor: A tool to be used in the post-exploitation phase by blue and red teams to bypass Application Control policies
Stars: ✭ 134 (-20.71%)
Mutual labels: post-exploitation
Cirtkit: Tools for the Computer Incident Response Team 💻
Stars: ✭ 117 (-30.77%)
Mutual labels: dfir
Proton: Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support everything from a default installation of Windows 2000 with no service packs through Windows 10.
Stars: ✭ 142 (-15.98%)
Mutual labels: post-exploitation
TheHive: a Scalable, Open Source and Free Security Incident Response Platform
Stars: ✭ 2,300 (+1260.95%)
Mutual labels: dfir
Green Hat Suite: Green-hat-suite is a tool to generate a meterpreter/shell payload that could evade antivirus.
Stars: ✭ 112 (-33.73%)
Mutual labels: evasion
Silenttrinity: An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Stars: ✭ 1,767 (+945.56%)
Mutual labels: post-exploitation
Herakeylogger: Chrome Keylogger Extension | Post Exploitation Tool
Stars: ✭ 138 (-18.34%)
Mutual labels: post-exploitation
Enumdb: Relational database brute force and post exploitation tool for MySQL and MSSQL
Stars: ✭ 167 (-1.18%)
Mutual labels: post-exploitation