v1.0.3
June 2024 updates
- 97 tools added + multiple tools updated
- 43126 detection patterns
- Website: https://mthcht.github.io/ThreatHunting-Keywords/
- Individual Tool Lists: https://github.com/mthcht/ThreatHunting-Keywords/tree/main/tools
- Yara Rules: https://github.com/mthcht/ThreatHunting-Keywords-yara-rules
- ThreatHunting-Keywords project: https://github.com/mthcht/ThreatHunting-Keywords
- Specific Artifact Lists Updated: https://github.com/mthcht/awesome-lists/tree/main/Lists
Added:
- Alpemix
- AmperageKit
- AnyplaceControl
- anyviewer
- atexec-pro
- AutoHotkey
- auvik
- AV_Evasion_Tool
- AVKiller
- aweray
- Azure Storage Explorer
- chntpw
- clickjack
- comsvcs.dll
- conpass
- crowdstrike falcon
- csvde
- Ddexec
- DEDSEC-RANSOMWARE
- Disable-TamperProtection
- discord
- discord-c2
- Discord-RAT-2.0
- DriverDump
- fetch-some-proxies
- File-Tunnel
- Get-WmiObject
- GlllPowerloader
- gofile.io
- hidden-tear
- Ikeext-Privesc
- impacketremoteshell
- Invoke-ADEnum
- Invoke-DumpMDEConfig
- killProcessPOC
- level.io
- localtonet
- Lockless
- MakeMeAdmin
- MDE_Enum
- MetasploitCoop
- Microsoft Recall
- mimipy
- mythic
- net
- NetRipper
- nipe
- NoodleRAT
- NordVPN
- OshiUpload
- pcunlocker
- PewPewPew
- pico
- POC
- PowerBreach
- Powerpick
- powershell
- PWA-Phishing
- pyobfuscate
- PySQLRecon
- ransomware_notes
- RdpStrike
- rdrleakdiag
- RealBlindingEDR
- reconftw
- reg
- regsvr32
- RemoteKrbRelay
- responder
- rotateproxy
- SafetyDump
- sc
- SchTask_0x727
- ScriptBlock-Smuggling
- sdelete
- set
- ShadowStealer
- SharpAppLocker
- SharpCOM
- SharpDecryptPwd
- SharpEdge
- SharpLogger
- SharpSC
- SharpSSDP
- SharpThief
- spinningteacup
- suo5
- TotalRecall
- tsh
- tsh-go
- Tsunami
- usaupload
- VenomousSway
- VNCViewer
- Voidgate
- wmic
- XiebroC2
Details of added + updated tools
Full Changelog: v1.0.2...v1.0.3