Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

Topic: "cobaltstrike-detection"

DamonMohammadbagher/ETWProcessMon2

ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.

Language: C# - Size: 35 MB - Last synced at: about 1 month ago - Pushed at: over 1 year ago - Stars: 301 - Forks: 70

eremit4/cs-discovery

Detecting Cobalt Strike Team Servers on targets through traffic telemetry.

Language: Python - Size: 25.9 MB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 19 - Forks: 3

Related Topics
cobalt-strike 1 cobaltstrike 1 command-and-control 1 csirt 1 python 1 threat-hunting 1 threat-intelligence 1 blueteam 1 detection-etw-events 1 etw 1 imageloads 1 malicious-traffic-detection 1 memory-scanner 1 memory-scanner-by-etw-events 1 memory-scanning 1 meterpreter-detection 1 payload-detection 1 processmonitoring 1 realtime-monitoring 1 remote-thread-injection 1 tcpip-monitoring 1 technique-detection 1 thread-monitor 1 threat-hunting-via-etw 1 threat-hunting-via-sysmon 1 virtualmemallocation-detection 1