A Forensic Evidence AcquirerCompile Assuming you have Rust 1.41+ installed. Open terminal in the project directory and to compile a release build type cargo build --release Debug build can be compiled using cargo build Compiled executable is loca...
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity . this tool will make a good use of...
On Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012, the registry key of the RpcEptMapper and DnsCache (7/2008R2 only) services is configured with weak permissions. Any local user can create a Performance subkey and then leverage ...
Chimera is a (shiny and ver y hack-ish) PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1's known to trigger AV and uses string substitution and variable concatenation to evade common detection si...
ATTPwn is a computer security tool designed to emulate adversaries. The tool aims to bring emulation of a real threat into closer contact with implementations based on the techniques and tactics from the MITRE ATT&CK framework. The goal is to sim...
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.Installing GPOZaurr requires RSAT installed to provide results. If you don't have them you can ins...
Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Window Server 2016 You just need to run the script, it will create a directory named : AUDIT_CONF_%DATE%The directory output will contain the files belows: -Anti...
PoshBot is a chat bot written in PowerShell. It makes extensive use of classes introduced in PowerShell 5.0. PowerShell modules are loaded into PoshBot and instantly become available as bot commands. PoshBot currently supports connecting to Slack ...
Aclpwn.py is a tool that interacts with BloodHound to identify and exploit ACL based privilege escalation paths. It takes a starting and ending point and will use Neo4j pathfinding algorithms to find the most efficient ACL based privilege escalation ...
Invoke-AntiVM is a set of modules to perform VM detection and fingerprinting (with exfiltration) via Powershell.Compatibility Run the script check-compatibility.ps1 to check what modules or functions are compatibile with the powershell version. Our...
©2021 By Cyber Sec Labs
Recent Comments