2 results found Sort:

DamonMohammadbagher
ETWProcessMon2 DamonMohammadbagher
67
283
unknown
10
ETWProcessMon2 is for Monitoring Process/Thread/Memory/Imageloads/TCPIP via ETW + Detection for Remote-Thread-Injection & Payload Detection by VirtualMemAlloc Events (in-memory) etc.
etw blueteam imageloads memory-scanner thread-monitor memory-scanning tcpip-monitoring payload-detection processmonitoring realtime-monitoring technique-detection detection-etw-events meterpreter-detection cobaltstrike-detection threat-hunting-via-etw remote-thread-injection threat-hunting-via-sysmon malicious-traffic-detection memory-scanner-by-etw-events virtualmemallocation-detection
Created 2021-07-08
1,247 commits to main branch, last one 3 months ago
DamonMohammadbagher
Meterpreter_Payload_Detection DamonMohammadbagher
64
160
unknown
13
Meterpreter_Payload_Detection.exe tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool
etw mpd signature meterpreter etwmonthread thread-injection meterpreter-detection meterpreter-signature etw-monitoring-threads thread-injection-detection meterpreter-payload-detection
Created 2016-12-03
100 commits to master branch, last one 2 years ago