A tool that shows detailed information about named pipes in Windows
Updated Jun 16, 2024 - C#
This repository contains full code examples from the book Gray Hat C#
RPC Monitor tool based on Event Tracing for Windows
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
Test Blue Team detections without running any attack.
All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming
A C# based tool for analysing malicious OneNote documents
To audit the security of read-only domain controllers
C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
ETWNetMonv3 is simple C# code for Monitoring TCP Network Connection via ETW & ETWProcessMon/2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
The DDWPasteRecon tool will help you identify code leaks, sensitive files, plaintext passwords, and password hashes. It also allows members of SOC & Blue Teams to gain situational awareness of the organisation's web exposure on paste sites. It utilises Google's indexing of paste sites to gain targeted intelligence on the organisation. Blue & SOC teams can…
Defanger is a Notepad++ plugin that defangs/refangs malicious IOCs.
NativePayload_DIM: Dynamic native DLL Injection in Memory, Injecting Native DLL bytes to local Process
File System Watcher via C# (Monitoring File Activity, Create/Delete/Change/Rename events + some Activity like Size/Attribute/Security Changes & LastAccess, LastWrite etc.)
NativePayload_ASM/AsynASM: Injecting Meterpreter Payload bytes into local Process via Delegation Technique [Technique D] + in-memory with delay Changing RWX to X [Bypassing AVs]
Loading Csharp C2 Client-side codes in RAM by Very Simple New Technique to avoid Detection
BasicEventViewer (BEV v3.0): this code will be useful for all Blue Teamers.
IP Reputation tool for .NET Core 3.1
This is a C# application that (once it's finished) will be able to extract DLL information from running processes and conduct limited reporting on that data for analysis.
Mergen is a project that facilitates traffic analysis by logging incoming web traffic to ASP.NET applications served by Microsoft IIS (Internet Information Services).