Active Directory attacks mapped to MITRE ATT&CK Framework (updated Oct 20, 2023)
Windows Persistence Techniques implemented in Go
Out-of-band keying of MACsec (L2 encryption for LAN) with Nitrokey HSM modules.
Official Implementation of SEAL: A Secure Design Pattern Approach Toward Tackling Lateral-Injection Attacks. The 15th IEEE International Conference on Security of Information and Networks (SIN'22).
Crowdsourced experiment on the use of lateral position for communication between an automated vehicle and a pedestrian.
ssh.exe is available in Windows 10 / Server 2019 by default, let's LOLBAS it up!
A short script to automate the process of RDP session hijacking.
Perform directory listing, read and write files on a remote computer via DCOM methods
This tool is used to find anomalies or suspicious login events, especially to detect lateral movement.
A CALDERA plugin
[IEEE SP'24] The Official Implementation of "Jbeil: Temporal Graph-Based Inductive Learning to Infer Lateral Movement in Evolving Enterprise Networks"
Time series knowledge graphs for cybersecurity
Conduct a lateral movement attack by leveraging unfiltered service display names to smuggle binaries as chunks into the target machine
Invoke-KleptoKitty - Deploys Payloads and collects credentials
.NET 4.0 Scheduled Job Lateral Movement
A set of instructions, commands and techniques that help during an Active Directory Assessment.
.NET 4.0 WinRM API Command Execution
C++ WinRM API via Reflective DLL
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump the SYSTEM, SECURITY and SAM hives and, once they are copied to the attacker machine, provides an option to delete these files to clear the trace.
Suricata rules for network anomaly detection