GitHub topics: lateral-movement
ivantaktos/Secure-Port-Redirector
🔐 Secure Port Redirector (via SSLStream)
Language: Python - Size: 7.77 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 0 - Forks: 1

raf41/Multi-View-Temporal-Graph-Fusion-for-Lateral-Movement-Anomaly-Detection
Multi-view temporal graph anomaly detection (IAMOD & novel TG-IAMOD) for lateral movement on LANL. Reproducible notebook + dependencies
Language: Jupyter Notebook - Size: 15 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 0 - Forks: 0

MohamedIdrissSomrani/Unconstrained_Delegation
🔍 Check Active Directory accounts for delegation types, identify unconstrained and constrained settings, and export results for analysis.
Language: PowerShell - Size: 10.7 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

opsdisk/the_cyber_plumbers_handbook
Free copy of The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.
Size: 5.06 MB - Last synced at: 8 days ago - Pushed at: almost 4 years ago - Stars: 2,698 - Forks: 172

thecybermafia/OffensiveActiveDirectory
A set of instructions, commands and techniques that help during an Active Directory Assessment.
Size: 13.7 KB - Last synced at: 9 days ago - Pushed at: over 4 years ago - Stars: 86 - Forks: 19

mr-tomr/Unconstrained_Delegation
Unconstrained_Delegation is a PowerShell toolkit to assess Active Directory (AD) accounts for delegation settings.
Language: PowerShell - Size: 10.7 KB - Last synced at: 11 days ago - Pushed at: 12 days ago - Stars: 0 - Forks: 0

Threekiii/Awesome-Redteam
An attack and defense knowledge base. A knowledge base for red teaming and offensive security.
Language: Python - Size: 30.8 MB - Last synced at: 11 days ago - Pushed at: 21 days ago - Stars: 3,947 - Forks: 700

ZeroTrace404/RedReaper
Modular Red Team simulation framework for offensive security training, adversary emulation, and payload automation.
Language: Python - Size: 12.7 KB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 2 - Forks: 1

zux0x3a/0xsp-Mongoose 📦
A unique framework for cybersecurity simulation and red teaming operations, Windows auditing for newer vulnerabilities, misconfigurations and privilege escalation attacks, and replicating the tactics and techniques of an advanced adversary in a network.
Language: Pascal - Size: 26.4 MB - Last synced at: about 4 hours ago - Pushed at: over 3 years ago - Stars: 537 - Forks: 121

blackarrowsec/pivotnacci
A tool to make socks connections through HTTP agents
Language: Python - Size: 85 KB - Last synced at: 9 days ago - Pushed at: over 4 years ago - Stars: 714 - Forks: 113

atharimran728/Insider-Threat-s-Lateral-Movement-Simulation-Detection-Identification-using-NetworkMiner3.0-Zeek
Simulated and detected a stealthy insider threat ‘Alex’, who moved from file snooping to SSH brute-forcing. Includes PCAPs, Zeek logs, NetworkMiner analysis, and a full incident report.
Size: 3.34 MB - Last synced at: 30 days ago - Pushed at: 30 days ago - Stars: 0 - Forks: 0

The-Viper-One/Invoke-RDPThief
Inject RDPThief into memory with PowerShell.
Language: PowerShell - Size: 322 KB - Last synced at: 1 day ago - Pushed at: 8 months ago - Stars: 65 - Forks: 8

The-Viper-One/Invoke-FindEventCreds
PowerShell script to parse Sysmon Event ID 1 and Security Event Log ID 4688 for command line credentials
Language: PowerShell - Size: 9.77 KB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 6 - Forks: 1

UsamaMatrix/enterprise-red-teaming-suite
⚠️ Project description only. The actual red teaming suite code is confidential. This modular toolkit simulates enterprise-scale attacks for red team engagements.
Size: 4.88 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

jwardsmith/Penetration-Testing
This cheatsheet contains techniques, commands, and tools commonly used during penetration tests. It covers various stages of penetration testing, including enumeration, exploitation, lateral movement, privilege escalation, and post-exploitation.
Size: 95.7 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 5 - Forks: 3

Compcode1/insider-threat-simulation1
This project simulated the behavior of a malicious insider on a Windows 11 host to generate detectable telemetry for use in SIEM-based detection and host triage. The exercise focused on five core behaviors that commonly indicate internal compromise or abuse
Language: Jupyter Notebook - Size: 30.3 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

klezVirus/CheeseTools
Self-developed tools for Lateral Movement/Code Execution
Language: C# - Size: 936 KB - Last synced at: about 2 months ago - Pushed at: about 4 years ago - Stars: 707 - Forks: 143

The-Viper-One/PsMapExec
Dominate Active Directory with PowerShell.
Language: PowerShell - Size: 7.5 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 989 - Forks: 108

Viralmaniar/HiveJack
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump the SYSTEM, SECURITY and SAM hives and, once they are copied to the attacker machines, provides an option to delete these files to clear the trace.
Language: C# - Size: 2.23 MB - Last synced at: about 2 months ago - Pushed at: over 5 years ago - Stars: 110 - Forks: 34

S1ckB0y1337/TokenPlayer
Manipulating and Abusing Windows Access Tokens.
Language: C++ - Size: 1.1 MB - Last synced at: about 2 months ago - Pushed at: over 4 years ago - Stars: 278 - Forks: 46

jupyterj0nes/masstin
Masstin: High-Speed DFIR Tool written in Rust and Graph Visualization in Neo4j for Comprehensive Lateral Movement Analysis
Language: Rust - Size: 2.48 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 3 - Forks: 0

blackarrowsec/mssqlproxy
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse
Language: Python - Size: 180 KB - Last synced at: 4 months ago - Pushed at: over 4 years ago - Stars: 746 - Forks: 114

Leo4j/Invoke-SMBRemoting
Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
Language: PowerShell - Size: 123 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 164 - Forks: 23

mez-0/winrmdll
C++ WinRM API via Reflective DLL
Language: C++ - Size: 220 KB - Last synced at: about 2 months ago - Pushed at: almost 4 years ago - Stars: 145 - Forks: 28

ZeroMemoryEx/APT38-0day-Stealer
APT38 Tactic PoC for Stealing 0days from security professionals
Language: C++ - Size: 30.3 KB - Last synced at: 4 months ago - Pushed at: 4 months ago - Stars: 281 - Forks: 41

mez-0/CSharpWinRM
.NET 4.0 WinRM API Command Execution
Language: C# - Size: 468 KB - Last synced at: about 2 months ago - Pushed at: almost 5 years ago - Stars: 163 - Forks: 22

travisbgreen/hunting-rules
Suricata rules for network anomaly detection
Size: 271 KB - Last synced at: 5 months ago - Pushed at: 5 months ago - Stars: 159 - Forks: 43

ihebski/A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Size: 621 KB - Last synced at: 5 months ago - Pushed at: over 1 year ago - Stars: 1,779 - Forks: 306

zux0x3a/TChopper
Conduct lateral movement attacks by leveraging unfiltered service display names to smuggle binaries as chunks into the target machine
Language: Pascal - Size: 402 KB - Last synced at: 10 days ago - Pushed at: about 4 years ago - Stars: 54 - Forks: 7

scipag/KleptoKitty
Invoke-KleptoKitty - Deploys Payloads and collects credentials
Language: PowerShell - Size: 23.4 KB - Last synced at: 5 months ago - Pushed at: about 4 years ago - Stars: 30 - Forks: 11

mez-0/MoveScheduler
.NET 4.0 Scheduled Job Lateral Movement
Language: C# - Size: 16.6 KB - Last synced at: about 2 months ago - Pushed at: about 5 years ago - Stars: 90 - Forks: 13

Gill-Singh-A/SSH-Credential-Logger
A Simple Python Program that makes use of ssh alias and sshpass to obtain SSH Credentials
Language: Python - Size: 10.7 KB - Last synced at: 2 months ago - Pushed at: 7 months ago - Stars: 0 - Forks: 0

violentqm/Blind-Ghost
My attempt at a lateral movement method using LLMNR/NBT-NS spoofing and HTTP coercion to force execution of PowerShell commands
Language: PowerShell - Size: 0 Bytes - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 0 - Forks: 0

databricks-industry-solutions/context-graph-analytics
Time series knowledge graphs for cybersecurity
Language: Python - Size: 20 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 18 - Forks: 6

Potato-Industries/ssh.exe-windows-10-lolbas
ssh.exe is available in Windows 10 / Server 2019 by default, let's LOLBAS it up!
Size: 36.1 KB - Last synced at: 15 days ago - Pushed at: almost 6 years ago - Stars: 2 - Forks: 0

LMscope/Jbeil 📦
[IEEE SP'24] The Official Implementation of "Jbeil: Temporal Graph-Based Inductive Learning to Infer Lateral Movement in Evolving Enterprise Networks"
Language: Jupyter Notebook - Size: 651 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

AD-Attacks/MITRE-ATT-CK
Active Directory attacks mapped to MITRE ATT&CK Framework
Size: 16.6 KB - Last synced at: over 1 year ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 0

pyrrh1c/Start-RdpSessionTakeover
A short script to automate the process of RDP session hijacking.
Language: PowerShell - Size: 9.77 KB - Last synced at: almost 2 years ago - Pushed at: over 4 years ago - Stars: 2 - Forks: 1

ZakiSamy/Red-Team-Toolkit-Collection
Welcome to the Red Team Toolkit Collection repository, a go-to resource for a comprehensive set of tools for red teaming. This repository aims to equip you with an arsenal of powerful utilities to simulate real-world cyber threats and bolster your organisation's defences.
Size: 39.1 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 0 - Forks: 0

biringaChi/SEAL
Official Implementation of SEAL: A Secure Design Pattern Approach Toward Tackling Lateral-Injection Attacks. The 15th IEEE International Conference on Security of Information and Networks (SIN'22).
Language: Python - Size: 1010 KB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 2 - Forks: 1

idfp/go-persist
Windows Persistence Techniques implemented in go
Language: Go - Size: 2.93 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 1 - Forks: 0

resiliencetheatre/nk-macsec
Out Of Band keying of macsec (L2 encryption for LAN) with Nitrokey HSM modules.
Language: C - Size: 34.2 KB - Last synced at: over 2 years ago - Pushed at: almost 3 years ago - Stars: 0 - Forks: 0

Richl-lab/recognize-unusual-logins
This tool is used to find anomalies or suspicious login events, especially to detect lateral movement.
Language: R - Size: 17.4 MB - Last synced at: over 2 years ago - Pushed at: almost 4 years ago - Stars: 2 - Forks: 1

Hagrid29/ReadWrite-DCOM
Perform directory listing and read and write files on a remote computer via DCOM methods
Language: PowerShell - Size: 6.84 KB - Last synced at: over 2 years ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 1

bazilinskyy/videos-animations-crowdsourced
Crowdsourced experiment on the use of lateral position for communication between an automated vehicle and a pedestrian.
Language: JavaScript - Size: 656 MB - Last synced at: over 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 0
