ahmedkhlief's repositories

APT-Hunter

APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset to detect APT movements hidden in the sea of Windows event logs and to decrease the time to uncover suspicious activity.

Language: Python | License: GPL-3.0 | Stargazers: 1153 | Issues: 47 | Issues: 24

Ninja

Open source C2 server created for stealth red team operations

Scripts

All published scripts developed by Ahmed Khlief

Language: C++ | Stargazers: 21 | Issues: 0 | Issues: 0

CVE-2023-23397-POC

Exploit POC for CVE-2023-23397

Language: C# | Stargazers: 6 | Issues: 1 | Issues: 0

CrossC2

Generate CobaltStrike's cross-platform payload

Language: C | Stargazers: 3 | Issues: 0 | Issues: 0

awesome-pcaptools

A collection of tools developed by other researchers in the Computer Science area to process network traces. All rights reserved for the original authors.

License: CC0-1.0 | Stargazers: 1 | Issues: 0 | Issues: 0

CrossC2-1

Generate CobaltStrike's cross-platform payload

Language: C | Stargazers: 1 | Issues: 0 | Issues: 0

Havoc

The Havoc Framework

Language: Go | License: GPL-3.0 | Stargazers: 1 | Issues: 0 | Issues: 0

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Language: Rust | License: GPL-3.0 | Stargazers: 1 | Issues: 0 | Issues: 0

Reverse-Engineering

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

Language: Assembly | License: Apache-2.0 | Stargazers: 1 | Issues: 0 | Issues: 0

sauron

A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.

Language: Rust | License: NOASSERTION | Stargazers: 1 | Issues: 0 | Issues: 0
Stargazers: 0 | Issues: 1 | Issues: 0

Awesome-CobaltStrike-Defence

Defences against Cobalt Strike

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

awesome-incident-response

A curated list of tools for incident response

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Cloud-Security-Attacks

Azure and AWS Attacks

Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2022-22954

Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960

Stargazers: 0 | Issues: 0 | Issues: 0
Language: PowerShell | License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

dfirtriage

Digital forensic acquisition tool for Windows based incident response.

Language: Python | License: Unlicense | Stargazers: 0 | Issues: 0 | Issues: 0

frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Language: Go | License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Ghost-In-The-Logs

Evade Sysmon and Windows event logging

Language: C | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Ghostpack-CompiledBinaries

Compiled Binaries for Ghostpack

Stargazers: 0 | Issues: 0 | Issues: 0

KapeFiles

This repository serves as a place for community created Targets and Modules for use with KAPE.

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

KStrike

Stand-alone parser for User Access Logging from Server 2012 and newer systems

Language: Python | License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

mac4n6

Collection of forensics artifact locations for Mac OS X and iOS

Language: Python | License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

PackMyPayload

A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX

Language: Python | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

PyExchangePasswordSpray

Microsoft Exchange password spray tool with proxy support.

Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0

ReverseSock5Proxy

A tiny Reverse Sock5 Proxy written in C :V

Language: C | License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

sliver

Adversary Emulation Framework

Language: Go | License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0
Stargazers: 0 | Issues: 1 | Issues: 0