Noah Baertsch
Adding an evidence type to capture C2 events in ASHIRT. We have ingestors (Python script + systemd service file) for both Cobalt Strike and Brute Ratel, though both have some...
Using the custom minidump implementation results in a dump file that is not parseable by pypykatz. `pypykatz lsa info ` results in `UnicodeDecodeError: 'utf-16-le' codec can't decode bytes in position...
## Problem Skills cannot hide their underlying MCP tools from Claude's direct access. Both the skill wrapper and the raw MCP tool are visible, defeating progressive disclosure. ## Requested Feature...