
October 2024 updates

@mthcht mthcht released this 02 Nov 12:57 · 25 commits to main since this release


  • 145 tools added, plus multiple existing tools updated.
  • 57774 detection patterns
  • Additional threat group associations derived from the TI reports database, with many thanks to @BushidoUK's CTI projects

In progress:

  • Automated retrieval of hashes from the GitHub releases of each tool as soon as they are published
    • combined with another project that automatically compiles selected critical tools (chosen by their metadata_severity_score) and uploads them to VirusTotal
  • reorganization of tags
  • reorganization of lookups (considering lookups with hash / without hash / without tags; open to suggestions)


New keyword detection patterns added for the following tools:

  • 4shared.com
  • ADFSDump
  • ADPassHunt
  • ADSyncDecrypt
  • Acunetix Web Vulnerability Scanner
  • Adzok
  • Argus
  • Avast
  • BadPotato
  • BetterSafetyKatz
  • BrowserSnatch
  • Cable
  • Certify
  • CheckPort
  • Checkmate
  • ChromeCookiesView
  • Cmdkey
  • DNS-Hijacking
  • Dataplicity
  • Decrypt-RDCMan
  • DecryptRDCManager
  • Dirty-Vanity
  • EarthWorm
  • Eventlogedit-evt--General
  • Eventlogedit-evtx--Evolution
  • ForgeCert
  • FruityC2
  • GMSAPasswordReader
  • GlobalUnProtect
  • GodPotato
  • Imminent-Monitor
  • Inveigh
  • Invoke-RDPThief
  • JuicyPotato
  • KeeTheft
  • KrbRelay
  • KrbRelay-SMBServer
  • KrbRelayUp
  • LAPSToolkit
  • LsassReflectDumping
  • MSSprinkler
  • MozillaCookiesView
  • NamelessC2
  • NetSess
  • NetworkServiceExploit
  • NoPowerShell
  • PSAttack
  • PWDumpX
  • PassTheCert
  • PortQry
  • Poshito
  • PowerShellRunner
  • PowerUpSQL
  • PowerView
  • Prince-Ransomware
  • PrintSpoofer
  • PrivExchange
  • Procdump
  • PwDump7
  • PwDump8
  • RottenPotatoNG
  • Rubeus
  • RunasCs
  • Rust Localtunnels
  • RustiveDump
  • SCMUACBypass
  • SMBTrap
  • Seatbelt
  • ShadowSpray
  • SharpChrome
  • SharpDPAPI
  • SharpEfsPotato
  • SharpGPOAbuse
  • SharpGpo
  • SharpHound
  • SharpKatz
  • SharpLAPS
  • SharpMove
  • SharpOxidResolver
  • SharpPack
  • SharpRDP
  • SharpSCCM
  • SharpSQL
  • SharpUp
  • SharpView
  • Sharpmad
  • SigmaPotato
  • SimpleBackdoorAdmin
  • Smbtouch-Scanner
  • Termite
  • Trellonet
  • WCE
  • Whisker
  • adfsbrute
  • arp
  • atnow
  • attrib
  • btunnel
  • burrow
  • certoc
  • cobaltstrike
  • creddump7
  • csexec
  • dir
  • dropbear
  • easyupload.io
  • echo
  • emkei.cz
  • fgdump
  • find
  • findstr
  • hak5 cloudc2
  • htran
  • libprocesshider
  • ln
  • localtunnels
  • localxpose
  • lslsass
  • ms-appinstaller
  • net
  • powershell
  • precompiled-binaries
  • pretender
  • pslist
  • psobf
  • putty
  • pwnlook
  • quarkspwdump
  • rdp
  • reg
  • resocks
  • sc
  • shootback
  • smbscan
  • sshdoor
  • stunnel
  • tmate
  • tun2socks
  • unset
  • w32times
  • wevtutil
  • winPEAS
  • winexe
  • wso-webshell
  • xspy

⚠️ **Details of added + updated tools**

Full Changelog: v1.0.5...v1.0.6