Lorenzo Bernardi
Hi, we noticed that BloodHound gives an incorrect output; it shows that multiple users own 1 policy, which is not possible. The following tool is used: https://www.microfocus.com/en-us/products/netiq-group-policy-administrator/overview and might be...
Update to latest version of beacon.h (from https://www.cobaltstrike.com/downloads/beacon.h)
Removed the hard-coded SharpSploit and added it as a submodule. SharpGen.cs has been updated to support the latest version of SharpSploit. README.md updated to include the command to initially retrieve...
First of all, thanks for this awesome tool! I was trying to update the SharpSploit source from the Source/ directory, but when I run the `dotnet build` command I get...
Create new alarm to check for Abuse.ch SSLBL Botnet C2 IP Blacklist
Send an alarm when a new implant is detected for a user we didn't have an implant for in the past.
Create new alarm for Abuse.ch SSLBL SSL Certificate Blacklist
TBD - would be great to add support for this one as well https://github.com/p3nt4/Nuages
The logging of the different internal scripts (enrich, alarm, etc) should be standardized and ingested back into ES. The main idea being to have a view on the status of...
Send an alarm when a new implant is detected for a host we didn't have an implant for in the past.