├── .gitattributes ├── .github └── workflows │ ├── cloud-web.yml │ └── main.yml ├── .gitignore ├── .gitmodules ├── BLUESPAWN-win-client ├── .clang-format ├── BLUESPAWN-client.exe.manifest ├── BLUESPAWN-client.vcxproj ├── headers │ ├── hunt │ │ ├── Hunt.h │ │ ├── HuntInfo.h │ │ ├── HuntRegister.h │ │ ├── RegistryHunt.h │ │ ├── Scope.h │ │ └── hunts │ │ │ ├── HuntT1036.h │ │ │ ├── HuntT1037.h │ │ │ ├── HuntT1053.h │ │ │ ├── HuntT1055.h │ │ │ ├── HuntT1068.h │ │ │ ├── HuntT1070.h │ │ │ ├── HuntT1136.h │ │ │ ├── HuntT1484.h │ │ │ ├── HuntT1505.h │ │ │ ├── HuntT1543.h │ │ │ ├── HuntT1546.h │ │ │ ├── HuntT1547.h │ │ │ ├── HuntT1548.h │ │ │ ├── HuntT1553.h │ │ │ ├── HuntT1562.h │ │ │ └── HuntT1569.h │ ├── mitigation │ │ ├── Mitigation.h │ │ ├── MitigationRegister.h │ │ ├── Software.h │ │ ├── mitigations │ │ │ ├── MitigateM1025.h │ │ │ ├── MitigateM1028-WFW.h │ │ │ ├── MitigateM1035-RDP.h │ │ │ ├── MitigateM1042-LLMNR.h │ │ │ ├── MitigateM1042-NBT.h │ │ │ ├── MitigateM1042-WSH.h │ │ │ ├── MitigateM1047.h │ │ │ ├── MitigateM1054-RDP.h │ │ │ ├── MitigateM1054-WSC.h │ │ │ ├── MitigateV1093.h │ │ │ ├── MitigateV1153.h │ │ │ ├── MitigateV3338.h │ │ │ ├── MitigateV3340.h │ │ │ ├── MitigateV3344.h │ │ │ ├── MitigateV3379.h │ │ │ ├── MitigateV3479.h │ │ │ ├── MitigateV63597.h │ │ │ ├── MitigateV63687.h │ │ │ ├── MitigateV63753.h │ │ │ ├── MitigateV63817.h │ │ │ ├── MitigateV63825.h │ │ │ ├── MitigateV63829.h │ │ │ ├── MitigateV71769.h │ │ │ ├── MitigateV72753.h │ │ │ ├── MitigateV73511.h │ │ │ ├── MitigateV73519.h │ │ │ └── MitigateV73585.h │ │ └── policy │ │ │ ├── CombinePolicy.h │ │ │ ├── EventLogPolicy.h │ │ │ ├── FirewallRulePolicy.h │ │ │ ├── MitigationPolicy.h │ │ │ ├── RegistryPolicy.h │ │ │ ├── SubkeyPolicy.h │ │ │ └── ValuePolicy.h │ ├── monitor │ │ ├── ETW_Wrapper.h │ │ ├── Event.h │ │ ├── EventListener.h │ │ └── EventManager.h │ ├── reaction │ │ ├── CarveMemory.h │ │ ├── DeleteFile.h │ │ ├── Detections.h │ │ ├── QuarantineFile.h │ │ ├── Reaction.h │ │ ├── ReactionManager.h │ │ ├── RemoveValue.h │ │ └── SuspendProcess.h │ ├── scan │ │ ├── DetectionRegister.h │ │ ├── Detections.h │ │ ├── FileScanner.h │ │ ├── MemoryScanner.h │ │ ├── ProcessScanner.h │ │ ├── RegistryScanner.h │ │ ├── ScanInfo.h │ │ ├── Scanner.h │ │ ├── ServiceScanner.h │ │ └── YaraScanner.h │ ├── user │ │ ├── CLI.h │ │ ├── banners.h │ │ ├── bluespawn.h │ │ └── iobase.h │ └── util │ │ ├── DynamicLinker.h │ │ ├── Internals.h │ │ ├── Promise.h │ │ ├── StringUtils.h │ │ ├── ThreadPool.h │ │ ├── Utils.h │ │ ├── configurations │ │ ├── CollectInfo.h │ │ ├── Registry.h │ │ ├── RegistryValue.h │ │ └── ScheduledTasks.h │ │ ├── eventlogs │ │ ├── EventLogItem.h │ │ ├── EventLogs.h │ │ ├── EventSubscription.h │ │ └── XpathQuery.h │ │ ├── filesystem │ │ └── FileSystem.h │ │ ├── log │ │ ├── CLISink.h │ │ ├── DebugSink.h │ │ ├── DetectionSink.h │ │ ├── JSONSink.h │ │ ├── Log.h │ │ ├── LogLevel.h │ │ ├── LogSink.h │ │ ├── Loggable.h │ │ └── XMLSink.h │ │ ├── pe │ │ ├── Export_Section.h │ │ ├── Image_Loader.h │ │ ├── Import_Section.h │ │ ├── PE_Image.h │ │ ├── PE_Section.h │ │ ├── Relocation_Section.h │ │ └── Resource_Section.h │ │ ├── permissions │ │ └── permissions.h │ │ ├── processes │ │ ├── Analyzer.h │ │ ├── CheckLolbin.h │ │ ├── CommandParser.h │ │ ├── PERemover.h │ │ ├── ParseCobalt.h │ │ ├── ProcessChecker.h │ │ └── ProcessUtils.h │ │ └── wrappers.hpp ├── libpeconv.vcxproj ├── pe-sieve.vcxproj ├── resources │ ├── BLUESPAWN-client.rc │ ├── BLUESPAWN.ico │ ├── SIP │ ├── TrustProviders │ ├── bluespawn-original │ │ └── kernel32_kernelbase_ror13.yar │ ├── indicators.yar │ ├── mitigations.json │ ├── resource.h │ ├── severe.yar │ ├── severe2.yar │ └── third-party-integration │ │ ├── ConventionEngine.yar │ │ ├── core.webshell_detection.yara │ │ ├── extended.webshell_detection.yara │ │ ├── kiwi_passwords.yar │ │ └── win_metasploit_related.yara ├── src │ ├── hunt │ │ ├── Hunt.cpp │ │ ├── HuntRegister.cpp │ │ ├── RegistryHunt.cpp │ │ ├── Scope.cpp │ │ └── hunts │ │ │ ├── HuntT1036.cpp │ │ │ ├── HuntT1037.cpp │ │ │ ├── HuntT1053.cpp │ │ │ ├── HuntT1055.cpp │ │ │ ├── HuntT1068.cpp │ │ │ ├── HuntT1070.cpp │ │ │ ├── HuntT1136.cpp │ │ │ ├── HuntT1484.cpp │ │ │ ├── HuntT1505.cpp │ │ │ ├── HuntT1543.cpp │ │ │ ├── HuntT1546.cpp │ │ │ ├── HuntT1547.cpp │ │ │ ├── HuntT1548.cpp │ │ │ ├── HuntT1553.cpp │ │ │ ├── HuntT1562.cpp │ │ │ └── HuntT1569.cpp │ ├── mitigation │ │ ├── Mitigation.cpp │ │ ├── MitigationRegister.cpp │ │ ├── Software.cpp │ │ ├── mitigations │ │ │ ├── MitigateM1025.cpp │ │ │ ├── MitigateM1028-WFW.cpp │ │ │ ├── MitigateM1035-RDP.cpp │ │ │ ├── MitigateM1042-LLMNR.cpp │ │ │ ├── MitigateM1042-NBT.cpp │ │ │ ├── MitigateM1042-WSH.cpp │ │ │ ├── MitigateM1047.cpp │ │ │ ├── MitigateM1054-RDP.cpp │ │ │ ├── MitigateM1054-WSC.cpp │ │ │ ├── MitigateV1093.cpp │ │ │ ├── MitigateV1153.cpp │ │ │ ├── MitigateV3338.cpp │ │ │ ├── MitigateV3340.cpp │ │ │ ├── MitigateV3344.cpp │ │ │ ├── MitigateV3379.cpp │ │ │ ├── MitigateV3479.cpp │ │ │ ├── MitigateV63597.cpp │ │ │ ├── MitigateV63687.cpp │ │ │ ├── MitigateV63753.cpp │ │ │ ├── MitigateV63817.cpp │ │ │ ├── MitigateV63825.cpp │ │ │ ├── MitigateV63829.cpp │ │ │ ├── MitigateV71769.cpp │ │ │ ├── MitigateV72753.cpp │ │ │ ├── MitigateV73511.cpp │ │ │ ├── MitigateV73519.cpp │ │ │ └── MitigateV73585.cpp │ │ └── policy │ │ │ ├── CombinePolicy.cpp │ │ │ ├── EventLogPolicy.cpp │ │ │ ├── FirewallPolicy.cpp │ │ │ ├── MitigationPolicy.cpp │ │ │ └── RegistryPolicy.cpp │ ├── monitor │ │ ├── Event.cpp │ │ ├── EventListener.cpp │ │ ├── EventManager.cpp │ │ └── etw │ │ │ └── ETW_Wrapper.cpp │ ├── reaction │ │ ├── CarveMemory.cpp │ │ ├── DeleteFile.cpp │ │ ├── QuarantineFile.cpp │ │ ├── ReactionManager.cpp │ │ ├── RemoveValue.cpp │ │ └── SuspendProcess.cpp │ ├── scan │ │ ├── Detection.cpp │ │ ├── DetectionRegister.cpp │ │ ├── FileScanner.cpp │ │ ├── MemoryScanner.cpp │ │ ├── ProcessScanner.cpp │ │ ├── RegistryScanner.cpp │ │ ├── ScanInfo.cpp │ │ ├── Scanner.cpp │ │ ├── ServiceScanner.cpp │ │ └── YaraScanner.cpp │ ├── user │ │ ├── BLUESPAWN.cpp │ │ ├── CLI.cpp │ │ └── banners.cpp │ ├── util │ │ ├── DynamicLinker.cpp │ │ ├── StringUtils.cpp │ │ ├── ThreadPool.cpp │ │ ├── Utils.cpp │ │ ├── configurations │ │ │ ├── CollectInfo.cpp │ │ │ ├── RegistryKey.cpp │ │ │ └── RegistryValue.cpp │ │ ├── eventlogs │ │ │ ├── EventLogItem.cpp │ │ │ ├── EventLogs.cpp │ │ │ ├── EventSubscription.cpp │ │ │ └── XpathQuery.cpp │ │ ├── filesystem │ │ │ └── FileSystem.cpp │ │ ├── log │ │ │ ├── CLISink.cpp │ │ │ ├── DebugSink.cpp │ │ │ ├── JSONSink.cpp │ │ │ ├── Log.cpp │ │ │ ├── LogLevel.cpp │ │ │ └── XMLSink.cpp │ │ ├── pe │ │ │ ├── Export_Section.cpp │ │ │ ├── Image_Loader.cpp │ │ │ ├── Import_Section.cpp │ │ │ ├── PE_Image.cpp │ │ │ ├── PE_Section.cpp │ │ │ ├── Relocation_Section.cpp │ │ │ └── Resource_Section.cpp │ │ ├── permissions │ │ │ └── permissions.cpp │ │ └── processes │ │ │ ├── Analyzer.cpp │ │ │ ├── CheckLolbin.cpp │ │ │ ├── CommandParser.cpp │ │ │ ├── PERemover.cpp │ │ │ ├── ParseCobalt.cpp │ │ │ └── ProcessUtils.cpp │ └── yara │ │ ├── args.c │ │ ├── args.h │ │ ├── common.h │ │ └── yarac.c └── yarac.vcxproj ├── BLUESPAWN.sln ├── CODE_OF_CONDUCT.md ├── LICENSE ├── README.md ├── config ├── buildsettings.props └── buildstructure.props ├── docs ├── BLUESPAWN │ ├── __init__.py │ ├── asgi.py │ ├── settings.py │ ├── static │ │ └── BLUESPAWN │ │ │ └── BLUESPAWN.css │ ├── templates │ │ └── BLUESPAWN │ │ │ ├── base.html │ │ │ └── index.html │ ├── urls.py │ ├── views.py │ └── wsgi.py ├── Pipfile ├── Procfile ├── bluespawn.cloud ├── clear_uploads.sh ├── django.ini ├── manage.py ├── media │ ├── Defcon28-BlueTeamVillage-BLUESPAWN-Presentation.pdf │ ├── coverage-all.json │ ├── coverage-hunts.json │ └── coverage-mitigations.json ├── requirements.txt └── web │ ├── __init__.py │ ├── admin.py │ ├── apps.py │ ├── migrations │ └── __init__.py │ ├── models.py │ ├── templates │ ├── about.html │ ├── coverage.html │ ├── quickstart.html │ └── report.html │ ├── tests.py │ ├── urls.py │ └── views.py ├── testing ├── attack │ ├── hunt-t1546-012-test001.bat │ └── hunt-t1546-012-test002.bat ├── clean │ ├── hunt-t1546-012-test001-clean.bat │ └── hunt-t1546-012-test002-clean.bat ├── run-atomic-prep.ps1 ├── run-atomic-tests.ps1 └── run-hunt-results-comparison.ps1 └── vcpkg_response_file.txt /.gitattributes: -------------------------------------------------------------------------------- 1 | *.vcxproj.filters merge=union 2 | -------------------------------------------------------------------------------- /.github/workflows/cloud-web.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/.github/workflows/cloud-web.yml -------------------------------------------------------------------------------- /.github/workflows/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/.github/workflows/main.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/.gitignore -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/.gitmodules -------------------------------------------------------------------------------- /BLUESPAWN-win-client/.clang-format: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/.clang-format -------------------------------------------------------------------------------- /BLUESPAWN-win-client/BLUESPAWN-client.exe.manifest: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/BLUESPAWN-client.exe.manifest -------------------------------------------------------------------------------- /BLUESPAWN-win-client/BLUESPAWN-client.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/BLUESPAWN-client.vcxproj -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/Hunt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/Hunt.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/HuntInfo.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/HuntInfo.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/HuntRegister.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/HuntRegister.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/RegistryHunt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/RegistryHunt.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/Scope.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/Scope.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1036.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1036.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1037.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1037.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1053.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1053.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1055.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1055.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1068.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1068.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1070.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1070.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1136.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1136.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1484.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1484.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1505.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1505.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1543.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1543.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1546.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1546.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1547.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1547.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1548.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1548.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1553.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1553.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1562.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1562.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/hunt/hunts/HuntT1569.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/hunt/hunts/HuntT1569.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/Mitigation.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/Mitigation.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/MitigationRegister.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/MitigationRegister.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/Software.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/Software.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1025.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1025.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1028-WFW.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1028-WFW.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1035-RDP.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1035-RDP.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1042-LLMNR.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1042-LLMNR.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1042-NBT.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1042-NBT.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1042-WSH.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1042-WSH.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1047.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1047.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1054-RDP.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1054-RDP.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1054-WSC.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateM1054-WSC.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV1093.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV1093.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV1153.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV1153.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3338.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3338.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3340.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3340.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3344.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3344.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3379.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3379.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3479.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV3479.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63597.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63597.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63687.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63687.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63753.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63753.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63817.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63817.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63825.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63825.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63829.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV63829.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV71769.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV71769.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV72753.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV72753.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV73511.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV73511.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV73519.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV73519.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV73585.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/mitigations/MitigateV73585.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/CombinePolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/CombinePolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/EventLogPolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/EventLogPolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/FirewallRulePolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/FirewallRulePolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/MitigationPolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/MitigationPolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/RegistryPolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/RegistryPolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/SubkeyPolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/SubkeyPolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/mitigation/policy/ValuePolicy.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/mitigation/policy/ValuePolicy.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/monitor/ETW_Wrapper.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/monitor/ETW_Wrapper.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/monitor/Event.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/monitor/Event.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/monitor/EventListener.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/monitor/EventListener.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/monitor/EventManager.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/monitor/EventManager.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/CarveMemory.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/CarveMemory.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/DeleteFile.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/DeleteFile.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/Detections.h: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/QuarantineFile.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/QuarantineFile.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/Reaction.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/Reaction.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/ReactionManager.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/ReactionManager.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/RemoveValue.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/RemoveValue.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/reaction/SuspendProcess.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/reaction/SuspendProcess.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/DetectionRegister.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/DetectionRegister.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/Detections.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/Detections.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/FileScanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/FileScanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/MemoryScanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/MemoryScanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/ProcessScanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/ProcessScanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/RegistryScanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/RegistryScanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/ScanInfo.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/ScanInfo.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/Scanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/Scanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/ServiceScanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/ServiceScanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/scan/YaraScanner.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/scan/YaraScanner.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/user/CLI.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/user/CLI.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/user/banners.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/user/banners.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/user/bluespawn.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/user/bluespawn.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/user/iobase.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/user/iobase.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/DynamicLinker.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/DynamicLinker.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/Internals.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/Internals.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/Promise.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/Promise.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/StringUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/StringUtils.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/ThreadPool.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/ThreadPool.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/Utils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/Utils.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/configurations/CollectInfo.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/configurations/CollectInfo.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/configurations/Registry.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/configurations/Registry.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/configurations/RegistryValue.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/configurations/RegistryValue.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/configurations/ScheduledTasks.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/configurations/ScheduledTasks.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/eventlogs/EventLogItem.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/eventlogs/EventLogItem.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/eventlogs/EventLogs.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/eventlogs/EventLogs.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/eventlogs/EventSubscription.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/eventlogs/EventSubscription.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/eventlogs/XpathQuery.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/eventlogs/XpathQuery.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/filesystem/FileSystem.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/filesystem/FileSystem.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/CLISink.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/CLISink.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/DebugSink.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/DebugSink.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/DetectionSink.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/DetectionSink.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/JSONSink.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/JSONSink.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/Log.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/Log.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/LogLevel.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/LogLevel.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/LogSink.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/LogSink.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/Loggable.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/Loggable.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/log/XMLSink.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/log/XMLSink.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/Export_Section.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/Export_Section.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/Image_Loader.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/Image_Loader.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/Import_Section.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/Import_Section.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/PE_Image.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/PE_Image.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/PE_Section.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/PE_Section.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/Relocation_Section.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/Relocation_Section.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/pe/Resource_Section.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/pe/Resource_Section.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/permissions/permissions.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/permissions/permissions.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/Analyzer.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/Analyzer.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/CheckLolbin.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/CheckLolbin.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/CommandParser.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/CommandParser.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/PERemover.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/PERemover.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/ParseCobalt.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/ParseCobalt.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/ProcessChecker.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/ProcessChecker.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/processes/ProcessUtils.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/processes/ProcessUtils.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/headers/util/wrappers.hpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/headers/util/wrappers.hpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/libpeconv.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/libpeconv.vcxproj -------------------------------------------------------------------------------- /BLUESPAWN-win-client/pe-sieve.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/pe-sieve.vcxproj -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/BLUESPAWN-client.rc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/BLUESPAWN-client.rc -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/BLUESPAWN.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/BLUESPAWN.ico -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/SIP: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/SIP -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/TrustProviders: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/TrustProviders -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/bluespawn-original/kernel32_kernelbase_ror13.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/bluespawn-original/kernel32_kernelbase_ror13.yar -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/indicators.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/indicators.yar -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/mitigations.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/mitigations.json -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/resource.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/resource.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/severe.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/severe.yar -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/severe2.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/severe2.yar -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/third-party-integration/ConventionEngine.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/third-party-integration/ConventionEngine.yar -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/third-party-integration/core.webshell_detection.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/third-party-integration/core.webshell_detection.yara -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/third-party-integration/extended.webshell_detection.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/third-party-integration/extended.webshell_detection.yara -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/third-party-integration/kiwi_passwords.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/third-party-integration/kiwi_passwords.yar -------------------------------------------------------------------------------- /BLUESPAWN-win-client/resources/third-party-integration/win_metasploit_related.yara: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/resources/third-party-integration/win_metasploit_related.yara -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/Hunt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/Hunt.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/HuntRegister.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/HuntRegister.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/RegistryHunt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/RegistryHunt.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/Scope.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/Scope.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1036.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1036.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1037.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1037.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1053.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1053.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1055.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1055.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1068.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1068.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1070.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1070.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1136.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1136.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1484.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1484.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1505.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1505.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1543.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1543.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1546.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1546.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1547.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1547.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1548.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1548.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1553.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1553.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1562.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1562.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/hunt/hunts/HuntT1569.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/hunt/hunts/HuntT1569.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/Mitigation.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/Mitigation.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/MitigationRegister.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/MitigationRegister.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/Software.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/Software.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1025.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1025.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1028-WFW.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1028-WFW.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1035-RDP.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1035-RDP.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1042-LLMNR.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1042-LLMNR.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1042-NBT.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1042-NBT.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1042-WSH.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1042-WSH.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1047.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1047.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1054-RDP.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1054-RDP.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1054-WSC.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateM1054-WSC.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV1093.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV1093.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV1153.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV1153.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3338.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3338.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3340.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3340.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3344.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3344.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3379.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3379.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3479.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV3479.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63597.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63597.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63687.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63687.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63753.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63753.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63817.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63817.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63825.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63825.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63829.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV63829.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV71769.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV71769.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV72753.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV72753.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV73511.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV73511.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV73519.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV73519.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV73585.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/mitigations/MitigateV73585.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/policy/CombinePolicy.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/policy/CombinePolicy.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/policy/EventLogPolicy.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/policy/EventLogPolicy.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/policy/FirewallPolicy.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/policy/FirewallPolicy.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/policy/MitigationPolicy.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/policy/MitigationPolicy.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/mitigation/policy/RegistryPolicy.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/mitigation/policy/RegistryPolicy.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/monitor/Event.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/monitor/Event.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/monitor/EventListener.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/monitor/EventListener.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/monitor/EventManager.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/monitor/EventManager.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/monitor/etw/ETW_Wrapper.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/monitor/etw/ETW_Wrapper.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/reaction/CarveMemory.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/reaction/CarveMemory.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/reaction/DeleteFile.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/reaction/DeleteFile.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/reaction/QuarantineFile.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/reaction/QuarantineFile.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/reaction/ReactionManager.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/reaction/ReactionManager.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/reaction/RemoveValue.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/reaction/RemoveValue.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/reaction/SuspendProcess.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/reaction/SuspendProcess.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/Detection.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/Detection.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/DetectionRegister.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/DetectionRegister.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/FileScanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/FileScanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/MemoryScanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/MemoryScanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/ProcessScanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/ProcessScanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/RegistryScanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/RegistryScanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/ScanInfo.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/ScanInfo.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/Scanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/Scanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/ServiceScanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/ServiceScanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/scan/YaraScanner.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/scan/YaraScanner.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/user/BLUESPAWN.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/user/BLUESPAWN.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/user/CLI.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/user/CLI.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/user/banners.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/user/banners.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/DynamicLinker.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/DynamicLinker.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/StringUtils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/StringUtils.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/ThreadPool.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/ThreadPool.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/Utils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/Utils.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/configurations/CollectInfo.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/configurations/CollectInfo.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/configurations/RegistryKey.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/configurations/RegistryKey.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/configurations/RegistryValue.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/configurations/RegistryValue.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/eventlogs/EventLogItem.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/eventlogs/EventLogItem.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/eventlogs/EventLogs.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/eventlogs/EventLogs.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/eventlogs/EventSubscription.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/eventlogs/EventSubscription.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/eventlogs/XpathQuery.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/eventlogs/XpathQuery.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/filesystem/FileSystem.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/filesystem/FileSystem.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/log/CLISink.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/log/CLISink.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/log/DebugSink.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/log/DebugSink.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/log/JSONSink.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/log/JSONSink.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/log/Log.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/log/Log.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/log/LogLevel.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/log/LogLevel.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/log/XMLSink.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/log/XMLSink.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/Export_Section.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/pe/Export_Section.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/Image_Loader.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/pe/Image_Loader.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/Import_Section.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/pe/Import_Section.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/PE_Image.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/pe/PE_Image.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/PE_Section.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/pe/PE_Section.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/Relocation_Section.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/pe/Relocation_Section.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/pe/Resource_Section.cpp: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/permissions/permissions.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/permissions/permissions.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/processes/Analyzer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/processes/Analyzer.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/processes/CheckLolbin.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/processes/CheckLolbin.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/processes/CommandParser.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/processes/CommandParser.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/processes/PERemover.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/processes/PERemover.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/processes/ParseCobalt.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/processes/ParseCobalt.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/util/processes/ProcessUtils.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/util/processes/ProcessUtils.cpp -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/yara/args.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/yara/args.c -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/yara/args.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/yara/args.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/yara/common.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/yara/common.h -------------------------------------------------------------------------------- /BLUESPAWN-win-client/src/yara/yarac.c: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/src/yara/yarac.c -------------------------------------------------------------------------------- /BLUESPAWN-win-client/yarac.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN-win-client/yarac.vcxproj -------------------------------------------------------------------------------- /BLUESPAWN.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/BLUESPAWN.sln -------------------------------------------------------------------------------- /CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/CODE_OF_CONDUCT.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/README.md -------------------------------------------------------------------------------- /config/buildsettings.props: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/config/buildsettings.props -------------------------------------------------------------------------------- /config/buildstructure.props: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/config/buildstructure.props -------------------------------------------------------------------------------- /docs/BLUESPAWN/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /docs/BLUESPAWN/asgi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/asgi.py -------------------------------------------------------------------------------- /docs/BLUESPAWN/settings.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/settings.py -------------------------------------------------------------------------------- /docs/BLUESPAWN/static/BLUESPAWN/BLUESPAWN.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/static/BLUESPAWN/BLUESPAWN.css -------------------------------------------------------------------------------- /docs/BLUESPAWN/templates/BLUESPAWN/base.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/templates/BLUESPAWN/base.html -------------------------------------------------------------------------------- /docs/BLUESPAWN/templates/BLUESPAWN/index.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/templates/BLUESPAWN/index.html -------------------------------------------------------------------------------- /docs/BLUESPAWN/urls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/urls.py -------------------------------------------------------------------------------- /docs/BLUESPAWN/views.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/views.py -------------------------------------------------------------------------------- /docs/BLUESPAWN/wsgi.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/BLUESPAWN/wsgi.py -------------------------------------------------------------------------------- /docs/Pipfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/Pipfile -------------------------------------------------------------------------------- /docs/Procfile: -------------------------------------------------------------------------------- 1 | release: python manage.py migrate 2 | web: gunicorn BLUESPAWN.wsgi 3 | -------------------------------------------------------------------------------- /docs/bluespawn.cloud: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/bluespawn.cloud -------------------------------------------------------------------------------- /docs/clear_uploads.sh: -------------------------------------------------------------------------------- 1 | find ~/BLUESPAWN/docs/media/scans/ -type f -mtime +1 -exec rm {} + 2 | -------------------------------------------------------------------------------- /docs/django.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/django.ini -------------------------------------------------------------------------------- /docs/manage.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/manage.py -------------------------------------------------------------------------------- /docs/media/Defcon28-BlueTeamVillage-BLUESPAWN-Presentation.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/media/Defcon28-BlueTeamVillage-BLUESPAWN-Presentation.pdf -------------------------------------------------------------------------------- /docs/media/coverage-all.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/media/coverage-all.json -------------------------------------------------------------------------------- /docs/media/coverage-hunts.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/media/coverage-hunts.json -------------------------------------------------------------------------------- /docs/media/coverage-mitigations.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/media/coverage-mitigations.json -------------------------------------------------------------------------------- /docs/requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/requirements.txt -------------------------------------------------------------------------------- /docs/web/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /docs/web/admin.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/admin.py -------------------------------------------------------------------------------- /docs/web/apps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/apps.py -------------------------------------------------------------------------------- /docs/web/migrations/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /docs/web/models.py: -------------------------------------------------------------------------------- 1 | from django.db import models 2 | 3 | -------------------------------------------------------------------------------- /docs/web/templates/about.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/templates/about.html -------------------------------------------------------------------------------- /docs/web/templates/coverage.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/templates/coverage.html -------------------------------------------------------------------------------- /docs/web/templates/quickstart.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/templates/quickstart.html -------------------------------------------------------------------------------- /docs/web/templates/report.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/templates/report.html -------------------------------------------------------------------------------- /docs/web/tests.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/tests.py -------------------------------------------------------------------------------- /docs/web/urls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/urls.py -------------------------------------------------------------------------------- /docs/web/views.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/docs/web/views.py -------------------------------------------------------------------------------- /testing/attack/hunt-t1546-012-test001.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/testing/attack/hunt-t1546-012-test001.bat -------------------------------------------------------------------------------- /testing/attack/hunt-t1546-012-test002.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/testing/attack/hunt-t1546-012-test002.bat -------------------------------------------------------------------------------- /testing/clean/hunt-t1546-012-test001-clean.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/testing/clean/hunt-t1546-012-test001-clean.bat -------------------------------------------------------------------------------- /testing/clean/hunt-t1546-012-test002-clean.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/testing/clean/hunt-t1546-012-test002-clean.bat -------------------------------------------------------------------------------- /testing/run-atomic-prep.ps1: -------------------------------------------------------------------------------- 1 | # Needed for T1505.003 2 | # mkdir C:\inetpub\wwwroot 3 | -------------------------------------------------------------------------------- /testing/run-atomic-tests.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/testing/run-atomic-tests.ps1 -------------------------------------------------------------------------------- /testing/run-hunt-results-comparison.ps1: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/testing/run-hunt-results-comparison.ps1 -------------------------------------------------------------------------------- /vcpkg_response_file.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ION28/BLUESPAWN/HEAD/vcpkg_response_file.txt --------------------------------------------------------------------------------