Daniel Card's repositories
Terminator-1
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
windows-ssh-backdoor
Windows SSH backdoor; requires local admin
cisco_brute_april_24_iocs
Copied and refactored from TALOS
shell-backdoor
All shell backdoors in the world
actions_on_target
Action on target fun
set_domain_computer_owner
PowerShell to set the domain computer owner to "Domain Admins"
TakeMyRDP2.0
An updated version of a keystroke logger targeting Remote Desktop Protocol (RDP) related processes. It utilizes a low-level keyboard input hook, allowing it to record keystrokes in certain contexts (like in mstsc.exe and CredentialUIBroker.exe).
aurora_astealer_c2_ips
baddies infra
inhaler
Hashes plaintext passwords
MsgKit
A .NET library to make MSG files without the need for Outlook
parrot
Like a canary but a parrot :P
win_security_log_parse
Get the IP address from security failure events