exchange_webshell_detection
Encrypt-Delete-Test
exchange_webshell_detection | Encrypt-Delete-Test | |
---|---|---|
8 | 6 | |
83 | 38 | |
- | - | |
4.4 | 7.8 | |
about 3 years ago | 8 months ago | |
PowerShell | HTML | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
exchange_webshell_detection
- CERT Latvia False Positive on their Detect Webshells Script
- CERT Latvia False Positiver on their Detect Webshells Script
- Windows defender quarantined Microsoft Exchange exploit attempt immediately & reset virtual oab directory. Am i still compromised?
- cert-lv/exchange_webshell_detection - Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
-
HAFNIUM - Edited Files and File Left behind and other inquiries
Here's a script I found on bleepingcomputer that searches for several files. https://github.com/cert-lv/exchange_webshell_detection
- Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
-
At Least 30k U.S. Organizations Newly Hacked via Holes in MS’s Email Software
There's a powershell script to check your server here: https://github.com/cert-lv/exchange_webshell_detection
Encrypt-Delete-Test
-
How to protect from ransomware attack loop?
I have some new perspectives on Ransomware defense, you are welcome to check out from my blog, https://github.com/eddiechu/Encrypt-Delete-Test
-
Really can protect from ransomware encryption?
or https://github.com/eddiechu/Encrypt-Delete-Test
- Game Files introduce Ransomware??
- my new blog in GitHub about security
- my new blog in GitHub about security #infosec
What are some alternatives?
CSS-Exchange - Exchange Server support tools and scripts
threat-hostlist - Comprehensive domain blocklists for 🚨 threats (🕷malware, 🎣phishing, 🕵️spyware, 🤖botnets). Ideal for DNS-based filtering tools like Pi-Hole, AdGuard Home, Blocky.
PowerZure - PowerShell framework to assess Azure security
Cyber-Defence - Information released publicly by NCC Group's Cyber Incident Response Team
nishang - Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Get-ExchangeEnvironmentReport - This script creates an HTML report showing the following information about an Exchange 2019, 2016, 2013, 2010, and, to a lesser extent, 2007 and 2003 environment.
block - Let's make an annoyance free, better open internet, altogether!
red_team_attack_lab - Red Team Attack Lab for TTP testing & research
MrKaplan - MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.