SEC Consult Vulnerability Lab's repositories
aggrokatz
Aggrokatz is an Aggressor plugin extension for Cobalt Strike that enables pypykatz to interface with beacons remotely. It allows pypykatz to parse LSASS dump files and registry hive files to extract stored credentials and other secrets, without downloading the file and without uploading any suspicious code to the beacon.
metasploit-framework
Metasploit Framework
Language: Ruby
SD-BumbleBee-Hunting-Rules
BumbleBee, malware mainly used by threat actors in data exfiltration and ransomware incidents, was recently analyzed by Angelo Violetti of SEC Defence, the SEC Consult Digital Forensics and Incident Response team.