JoeyVerleg's starred repositories

edr-artifacts

This repository is meant to catalog the network and host artifacts associated with the "shell" and response functionalities of various EDR products.

Stars: 68 | Issues: 0

Hunting-Queries-Detection-Rules

KQL queries: Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for advanced hunting, custom detections, analytics rules and hunting rules.

Language: Python | License: BSD-3-Clause | Stars: 1175 | Issues: 0

Demystifying-KQL

Content Repo for Demystifying KQL Tutorial Series

Stars: 64 | Issues: 0

sccm-http-looter

Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)

Language: Go | License: MIT | Stars: 152 | Issues: 0

ShadowSpray

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.

Language: C# | Stars: 448 | Issues: 0
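The defender-side counterpart of the technique ShadowSpray automates: every write of a Shadow Credential lands in the target object's msDS-KeyCredentialLink attribute, and with Directory Service Changes auditing enabled each such write produces a Security event 5136. The script below is an added example, not code from the ShadowSpray project, and runs detection logic over constructed records shaped like the EventData fields of 5136 (SubjectUserName, ObjectDN, AttributeLDAPDisplayName, OperationType); the account names, DNs and the "MSOL_" sync-account pattern used in the sample are assumptions made up for the example.

```python
from collections import defaultdict

# Event 5136 (directory object modified) values the detection keys on.
KEYCRED_ATTR = "msDS-KeyCredentialLink"
OP_VALUE_ADDED = "%%14674"    # OperationType: Value Added
OP_VALUE_DELETED = "%%14675"  # OperationType: Value Deleted

# Constructed sample records (not real logs), shaped like 5136 EventData: a
# directory-sync account touching a single user, an unrelated attribute write,
# and one ordinary account adding key credentials to four objects in a minute.
SAMPLE_5136 = [
    {"EventID": 5136, "TimeCreated": "2024-03-01T08:00:01Z", "SubjectUserName": "MSOL_a1b2c3d4",
     "ObjectDN": "CN=Jane Doe,OU=Users,DC=corp,DC=local", "ObjectClass": "user",
     "AttributeLDAPDisplayName": KEYCRED_ATTR, "OperationType": OP_VALUE_ADDED},
    {"EventID": 5136, "TimeCreated": "2024-03-01T09:12:10Z", "SubjectUserName": "bob",
     "ObjectDN": "CN=Bob Smith,OU=Users,DC=corp,DC=local", "ObjectClass": "user",
     "AttributeLDAPDisplayName": "description", "OperationType": OP_VALUE_ADDED},
]
for n, dn in enumerate(["CN=SRV01,OU=Servers,DC=corp,DC=local",
                        "CN=SRV02,OU=Servers,DC=corp,DC=local",
                        "CN=SRV03,OU=Servers,DC=corp,DC=local",
                        "CN=Alice Adams,OU=Users,DC=corp,DC=local"]):
    SAMPLE_5136.append({"EventID": 5136, "TimeCreated": f"2024-03-01T09:13:{n:02d}Z",
                        "SubjectUserName": "bob", "ObjectDN": dn,
                        "ObjectClass": "computer" if "Servers" in dn else "user",
                        "AttributeLDAPDisplayName": KEYCRED_ATTR, "OperationType": OP_VALUE_ADDED})


def key_credential_writes(events):
    """(time, subject, target DN) for every value added to msDS-KeyCredentialLink."""
    return [(e["TimeCreated"], e["SubjectUserName"], e["ObjectDN"])
            for e in events
            if e.get("EventID") == 5136
            and e.get("AttributeLDAPDisplayName") == KEYCRED_ATTR
            and e.get("OperationType") == OP_VALUE_ADDED]


def spray_candidates(events, min_targets=3, allowlist=()):
    """Subjects that added key credentials to at least min_targets distinct objects.

    A single write can be legitimate provisioning; the spray signature is one
    principal fanning out across objects it has no business enrolling keys for.
    Known provisioning accounts (an assumption: pass your own) go in allowlist.
    """
    targets = defaultdict(set)
    for _, subject, dn in key_credential_writes(events):
        if subject in allowlist:
            continue
        targets[subject].add(dn)
    return {s: sorted(t) for s, t in targets.items() if len(t) >= min_targets}


if __name__ == "__main__":
    for subject, dns in spray_candidates(SAMPLE_5136).items():
        print(f"{subject} added key credentials to {len(dns)} objects:")
        for dn in dns:
            print("   ", dn)
```

The write itself is the only reliable signal: once the key is in place, the follow-on PKINIT logon looks like any certificate-based Kerberos authentication, so the 5136 audit (enabled via "Audit Directory Service Changes" plus a SACL on the objects) is the control to have in place before, not after, the spray.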

conpass

Continuous password spraying tool

Language: Python | License: MIT | Stars: 113 | Issues: 0

Invoke-SessionHunter

Retrieve and display information about active user sessions on remote computers. No admin privileges required.

Language: PowerShell | License: GPL-3.0 | Stars: 126 | Issues: 0

DefenderYara

YARA rules extracted from the Windows Defender signature databases mpavbase and mpasbase.

Language: YARA | Stars: 208 | Issues: 0

GraphSpy

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Language: HTML | License: BSD-3-Clause | Stars: 516 | Issues: 0

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Language: PowerShell | License: GPL-3.0 | Stars: 672 | Issues: 0

Cortex-XDR-Config-Extractor

Cortex XDR Config Extractor

Language: Python | License: GPL-3.0 | Stars: 119 | Issues: 0

Blauhaunt

A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (where did you come from, where did you go) in security incidents and threat hunts.

Language: JavaScript | License: MIT | Stars: 160 | Issues: 0
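The "where did you come from, where did you go" question reduces to chaining one account's logon events by source and destination. The script below is an added example, not Blauhaunt's own code, and shows the core of that reconstruction over constructed records shaped like Security event 4624 fields (TimeCreated, Computer, TargetUserName, LogonType, IpAddress). The IP-to-hostname inventory, the hostnames and the choice of which logon types to follow are assumptions made for the example.

```python
from datetime import datetime

# Logon types followed when reconstructing a user's path. 4 (batch) and
# 5 (service) are left out as noise for this question (an assumption).
FOLLOWED_LOGON_TYPES = {2, 3, 7, 9, 10, 11}
LOCAL_SOURCES = {"-", "127.0.0.1", "::1"}

# Assumed inventory mapping source IPs to short hostnames (not from the page).
IP_TO_HOST = {"10.0.0.11": "WS01", "10.0.0.21": "SRV01", "10.0.0.50": "BACKUP01"}

# Constructed sample records shaped like 4624 fields (not real logs).
SAMPLE_4624 = [
    {"TimeCreated": "2024-03-01T08:01:00Z", "Computer": "WS01.corp.local",
     "TargetUserName": "jdoe", "LogonType": 2, "IpAddress": "-"},
    {"TimeCreated": "2024-03-01T08:05:00Z", "Computer": "WS01.corp.local",
     "TargetUserName": "jdoe", "LogonType": 5, "IpAddress": "-"},
    {"TimeCreated": "2024-03-01T08:30:00Z", "Computer": "SRV01.corp.local",
     "TargetUserName": "jdoe", "LogonType": 3, "IpAddress": "10.0.0.11"},
    {"TimeCreated": "2024-03-01T08:31:00Z", "Computer": "SRV01.corp.local",
     "TargetUserName": "svc_backup", "LogonType": 3, "IpAddress": "10.0.0.50"},
    {"TimeCreated": "2024-03-01T08:45:00Z", "Computer": "DC01.corp.local",
     "TargetUserName": "jdoe", "LogonType": 10, "IpAddress": "10.0.0.21"},
    {"TimeCreated": "2024-03-01T09:00:00Z", "Computer": "FS01.corp.local",
     "TargetUserName": "jdoe", "LogonType": 3, "IpAddress": "10.0.0.99"},
]


def _when(e):
    # Timestamps are assumed to be ISO 8601 in UTC with a trailing Z.
    return datetime.fromisoformat(e["TimeCreated"].rstrip("Z"))


def source_host(e, ip_to_host=IP_TO_HOST):
    ip = e.get("IpAddress", "-")
    if ip in LOCAL_SOURCES:
        return "local"
    return ip_to_host.get(ip, ip)  # unknown addresses are kept raw, not dropped


def logon_hops(events, user, ip_to_host=IP_TO_HOST):
    """(time, source, destination, logon type) for one user, in time order."""
    rows = [e for e in events
            if e["TargetUserName"] == user and e["LogonType"] in FOLLOWED_LOGON_TYPES]
    rows.sort(key=_when)
    return [(e["TimeCreated"], source_host(e, ip_to_host),
             e["Computer"].split(".")[0], e["LogonType"]) for e in rows]


def travel_path(events, user, ip_to_host=IP_TO_HOST):
    """Chain the hops into the user's path across hosts.

    A hop joins the path when its source is a console logon or a host the user
    was already seen on. Hops from anywhere else are returned separately: an
    origin the timeline cannot explain is exactly what a hunt wants surfaced.
    """
    reached, path, unexplained = set(), [], []
    for hop in logon_hops(events, user, ip_to_host):
        _, src, dst, _ = hop
        if path and src != "local" and src not in reached:
            unexplained.append(hop)
            continue
        if src != "local" and src not in reached:  # first hop: its source is the origin
            reached.add(src)
            path.append(src)
        reached.add(dst)
        if not path or path[-1] != dst:
            path.append(dst)
    return path, unexplained


if __name__ == "__main__":
    for user in ("jdoe", "svc_backup"):
        path, odd = travel_path(SAMPLE_4624, user)
        print(user, " -> ".join(path), "| unexplained:", odd)
```

In the sample, jdoe's console logon on WS01, the network logon to SRV01 from WS01's address and the RDP logon to DC01 from SRV01 chain cleanly; the later logon to FS01 from an address the inventory does not know is reported as unexplained rather than silently merged into the path.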

bof-collection

Collection of Beacon Object Files (BOF) for Cobalt Strike

Language: C++ | Stars: 169 | Issues: 0

BHCEupload

A small go tool to upload JSON files to the BloodHound community edition API

Language: Go | License: MIT | Stars: 27 | Issues: 0

ShredHound

Small utility to chunk up a large BloodHound JSON file into smaller files for importing.

Language: Python | Stars: 81 | Issues: 0
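Chunking a collector file is only safe if every piece remains a valid, self-describing document. The script below is an added example, not ShredHound's own code; it assumes the SharpHound-style layout of a "data" array plus a "meta" block carrying "type", "count", "version" and "methods", and that "count" must match the data it accompanies. The sample document and the temp-directory round trip are constructed for the example.

```python
import json
import os
import tempfile

# Constructed sample shaped like a collector file: a "data" array of objects and
# a "meta" block whose "count" describes that array (layout is an assumption).
SAMPLE_DOC = {
    "data": [{"ObjectIdentifier": f"S-1-5-21-1-2-3-{1000 + i}",
              "Properties": {"name": f"HOST{i:02d}.CORP.LOCAL", "domain": "CORP.LOCAL"}}
             for i in range(7)],
    "meta": {"methods": 0, "type": "computers", "count": 7, "version": 5},
}


def chunk_bloodhound(doc, chunk_size):
    """Split one collector document into independently importable documents.

    Every chunk carries a copy of meta with count rewritten to match its own
    data, so an importer that trusts meta.count is not misled.
    """
    if chunk_size < 1:
        raise ValueError("chunk_size must be >= 1")
    data, meta = doc["data"], doc["meta"]
    if not data:
        return [{"data": [], "meta": {**meta, "count": 0}}]
    return [{"data": data[i:i + chunk_size],
             "meta": {**meta, "count": len(data[i:i + chunk_size])}}
            for i in range(0, len(data), chunk_size)]


def chunk_file(path, chunk_size, out_dir):
    """Read one large JSON file and write <name>_NNN.json chunks; return the paths."""
    with open(path, encoding="utf-8-sig") as f:  # utf-8-sig also swallows a BOM if present
        doc = json.load(f)
    base = os.path.splitext(os.path.basename(path))[0]
    written = []
    for n, chunk in enumerate(chunk_bloodhound(doc, chunk_size), 1):
        out = os.path.join(out_dir, f"{base}_{n:03d}.json")
        with open(out, "w", encoding="utf-8") as f:
            json.dump(chunk, f)
        written.append(out)
    return written


def identifiers(docs):
    """Set of ObjectIdentifiers across documents, used to prove nothing was lost."""
    return {o["ObjectIdentifier"] for d in docs for o in d["data"]}


def roundtrip_demo(chunk_size=3):
    """Write the sample to a temp dir, chunk it, reload the pieces and check coverage."""
    with tempfile.TemporaryDirectory() as d:
        src = os.path.join(d, "computers.json")
        with open(src, "w", encoding="utf-8") as f:
            json.dump(SAMPLE_DOC, f)
        parts = chunk_file(src, chunk_size, d)
        reloaded = []
        for p in parts:
            with open(p, encoding="utf-8-sig") as f:
                reloaded.append(json.load(f))
    return {"files": len(parts),
            "counts": [c["meta"]["count"] for c in reloaded],
            "complete": identifiers(reloaded) == identifiers([SAMPLE_DOC]),
            "types": {c["meta"]["type"] for c in reloaded}}


if __name__ == "__main__":
    print(roundtrip_demo(3))
```

The two checks worth keeping when scripting this against real collector output are the ones roundtrip_demo performs: the union of identifiers across chunks equals the original, and each chunk's meta.count equals its own data length.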

No-Consolation

A BOF that runs unmanaged PEs inline

Language: C | License: MIT | Stars: 532 | Issues: 0

PoolPartyBof

A beacon object file implementation of PoolParty Process Injection Technique.

Language: C | Stars: 316 | Issues: 0

ChromeKatz

Dump cookies and credentials directly from Chrome/Edge process memory

Language: C++ | License: BSD-3-Clause | Stars: 978 | Issues: 0

GraphStrike

Cobalt Strike HTTPS beaconing over Microsoft Graph API

Language: C | Stars: 543 | Issues: 0

frameless-bitb

A new approach to Browser In The Browser (BITB) that does not use iframes, which lets it bypass the traditional framebusters implemented by login pages such as Microsoft's and be used together with Evilginx.

Language: CSS | License: BSD-3-Clause | Stars: 338 | Issues: 0

CertStealer

A .NET tool for exporting and importing certificates without touching disk.

Language: C# | License: MIT | Stars: 473 | Issues: 0

PKINITtools

Tools for Kerberos PKINIT and relaying to AD CS

Language: Python | License: MIT | Stars: 613 | Issues: 0

gssapi-abuse

A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks

Language: Python | Stars: 133 | Issues: 0

Kerbeus-BOF

BOF for Kerberos abuse (an implementation of some of the important features of Rubeus).

Language: C | Stars: 384 | Issues: 0

NerfDefender

BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.

Language: C | Stars: 24 | Issues: 0

maliciousCodeMatchingMFA

A small executable to trick a user into authenticating with number-matching (code-matching) MFA.

Language: C# | Stars: 67 | Issues: 0