├── Empire_from_AD.pcap.gz ├── README.md ├── Wmiexec-Regout-Whoami.pcap ├── amnesiac_invoke_smb_remoting_command_whoami.pcap ├── atexec_.pcap ├── attempt-spools-vuln-cve-2021-1675.pcap ├── aug16_part2.pcap.gz ├── aug19.pcap.gz ├── aug_16_par4.pcap.gz ├── capture-Mon-02-13-17-17-15-34_Empire.pcap.gz ├── capture-Mon-10-17-16-16-29-37_cerber.pcap.gz ├── capture-Thu-11-24-16-10-28-11_cerber.pcap.gz ├── capture-Tue-11-29-16-12-26-16_rig.pcap.gz ├── chip_host_signin.pcap.gz ├── cme-smb-chip-douglas.pcap ├── cme_wmiexec_snickle.pcap ├── dcom_ired_team_lateral_movement_mmc.pcap ├── dcompayload-poshc2.pcap ├── dcsync.pcapng ├── dcsync_secretsdump.pcap.gz ├── delete.pcap.gz ├── failed_choppydog.pcap.gz ├── find_service_accounts.pcap.gz ├── host_llogs ├── authentication.PML ├── internal_monologue_ntlm_.PML ├── mimikatz_KRBTGT.PML ├── powershell_download.PML ├── psexec_py.evtx ├── readme ├── remoterecon.evtx ├── vbscript_download.PML ├── wce.PML ├── wce_o.PML ├── winrm.PML ├── wmi_3.evtx └── wmiexec_2.evtx ├── impacket_psexec.pcap.gz ├── invoke-wmiexec.pcap ├── ipconf1.pcap.gz ├── ipconf2.pcap.gz ├── ipconf3.pcap.gz ├── ipconfig_all.pcap.gz ├── jon_3.pcap.gz ├── keionline_rig.pcap.gz ├── macgyver.pcap.gz ├── malware_infection.pcap.gz ├── mantak.pcap ├── mimikatz_rpc.pcap.gz ├── miscellaneous.pcap.gz ├── mmcexec.pcap ├── more_netshare.pcap.gz ├── multiple_psexecs_with_cmds_netstat_ipconfig.pcap.gz ├── net_group_DAs.pcap.gz ├── netshareenum.pcap.gz ├── netstat.pcap.gz ├── new-jscript-poshc2.pcap ├── normal_share_traversal.pcap.gz ├── over-pass-the-hash-mimikatz.pcap ├── pipekat-poshc2.pcap ├── post_rig_infection_svchost.pcap.gz ├── psexec_calc.pcap.gz ├── psexec_cmd.pcap.gz ├── pwshell-cmdlet-clear-eventlog-application.pcap ├── rdp-then-wmiexec.pcap ├── remcom.pcap ├── remote_copy_of_file.pcap.gz ├── remote_recon_toolie.pcapng ├── rig_dreambot_variant.pcap.gz ├── rpc_traffic.pcap.gz ├── rubeus-kerberoast-cmdline-parameter.pcap ├── samrdump.pcap.gz ├── schtasks.pcap ├── 
script_grab_from_github.pcap.gz ├── secretsdump_vssadmin.pcap ├── sharp-no-psexec.pcap ├── sharpcradle-sharpexec-wmiexec_.pcap ├── sharpnopsexec.pcap ├── smb_anomalous_traffic.pcap.gz ├── smb_exec_only_two_commands.pcap.gz ├── smbexec.pcap.gz ├── start-service.pcap ├── successful_choppydog_authentication.pcap.gz ├── tinkersec-ldapsearch.pcap ├── ultra_lab_03-14.pcap.gz ├── windows_miscellany.pcap.gz ├── winexesvc_.pcap ├── winreg_query_rdp_netshare_madness.pcap.gz ├── winrm_psremote_05-16.pcap ├── winrm_psremote_05-16.pcap.gz ├── wmi-service-remote.pcap ├── wmi_commands_calc.pcap.gz ├── wmi_exec1.pcap.gz ├── wmi_exec_2.pcap.gz ├── wmi_query.pcap.gz ├── wmi_to_powershell_empire.pcap.gz ├── wmi_to_vss.pcap.gz ├── wmiexec-pro-create-service-alternative-class.pcap ├── wmiexec.pcap.gz ├── wmiexecpro-create-start-service.pcap ├── wmimplant.pcap.gz └── xcopy_choppy_to_pick.pcap.gz /Empire_from_AD.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/Empire_from_AD.pcap.gz -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Pcaps and logs 2 | #pcaps and logs generated in my lab environment. 
The captures range from malware to normal traffic to pentester tools. 3 | -------------------------------------------------------------------------------- /Wmiexec-Regout-Whoami.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/Wmiexec-Regout-Whoami.pcap -------------------------------------------------------------------------------- /amnesiac_invoke_smb_remoting_command_whoami.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/amnesiac_invoke_smb_remoting_command_whoami.pcap -------------------------------------------------------------------------------- /atexec_.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/atexec_.pcap -------------------------------------------------------------------------------- /attempt-spools-vuln-cve-2021-1675.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/attempt-spools-vuln-cve-2021-1675.pcap -------------------------------------------------------------------------------- /aug16_part2.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/aug16_part2.pcap.gz -------------------------------------------------------------------------------- /aug19.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/aug19.pcap.gz 
-------------------------------------------------------------------------------- /aug_16_par4.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/aug_16_par4.pcap.gz -------------------------------------------------------------------------------- /capture-Mon-02-13-17-17-15-34_Empire.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/capture-Mon-02-13-17-17-15-34_Empire.pcap.gz -------------------------------------------------------------------------------- /capture-Mon-10-17-16-16-29-37_cerber.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/capture-Mon-10-17-16-16-29-37_cerber.pcap.gz -------------------------------------------------------------------------------- /capture-Thu-11-24-16-10-28-11_cerber.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/capture-Thu-11-24-16-10-28-11_cerber.pcap.gz -------------------------------------------------------------------------------- /capture-Tue-11-29-16-12-26-16_rig.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/capture-Tue-11-29-16-12-26-16_rig.pcap.gz -------------------------------------------------------------------------------- /chip_host_signin.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/chip_host_signin.pcap.gz 
-------------------------------------------------------------------------------- /cme-smb-chip-douglas.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/cme-smb-chip-douglas.pcap -------------------------------------------------------------------------------- /cme_wmiexec_snickle.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/cme_wmiexec_snickle.pcap -------------------------------------------------------------------------------- /dcom_ired_team_lateral_movement_mmc.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/dcom_ired_team_lateral_movement_mmc.pcap -------------------------------------------------------------------------------- /dcompayload-poshc2.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/dcompayload-poshc2.pcap -------------------------------------------------------------------------------- /dcsync.pcapng: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/dcsync.pcapng -------------------------------------------------------------------------------- /dcsync_secretsdump.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/dcsync_secretsdump.pcap.gz -------------------------------------------------------------------------------- /delete.pcap.gz: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/delete.pcap.gz -------------------------------------------------------------------------------- /failed_choppydog.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/failed_choppydog.pcap.gz -------------------------------------------------------------------------------- /find_service_accounts.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/find_service_accounts.pcap.gz -------------------------------------------------------------------------------- /host_llogs/authentication.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/authentication.PML -------------------------------------------------------------------------------- /host_llogs/internal_monologue_ntlm_.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/internal_monologue_ntlm_.PML -------------------------------------------------------------------------------- /host_llogs/mimikatz_KRBTGT.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/mimikatz_KRBTGT.PML -------------------------------------------------------------------------------- /host_llogs/powershell_download.PML: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/powershell_download.PML -------------------------------------------------------------------------------- /host_llogs/psexec_py.evtx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/psexec_py.evtx -------------------------------------------------------------------------------- /host_llogs/readme: -------------------------------------------------------------------------------- 1 | These are miscellaneous host logs, including Windows event logs (.evtx) and Sysinternals logs (.PML). 2 | -------------------------------------------------------------------------------- /host_llogs/remoterecon.evtx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/remoterecon.evtx -------------------------------------------------------------------------------- /host_llogs/vbscript_download.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/vbscript_download.PML -------------------------------------------------------------------------------- /host_llogs/wce.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/wce.PML -------------------------------------------------------------------------------- /host_llogs/wce_o.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/wce_o.PML 
-------------------------------------------------------------------------------- /host_llogs/winrm.PML: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/winrm.PML -------------------------------------------------------------------------------- /host_llogs/wmi_3.evtx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/wmi_3.evtx -------------------------------------------------------------------------------- /host_llogs/wmiexec_2.evtx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/host_llogs/wmiexec_2.evtx -------------------------------------------------------------------------------- /impacket_psexec.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/impacket_psexec.pcap.gz -------------------------------------------------------------------------------- /invoke-wmiexec.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/invoke-wmiexec.pcap -------------------------------------------------------------------------------- /ipconf1.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/ipconf1.pcap.gz -------------------------------------------------------------------------------- /ipconf2.pcap.gz: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/ipconf2.pcap.gz -------------------------------------------------------------------------------- /ipconf3.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/ipconf3.pcap.gz -------------------------------------------------------------------------------- /ipconfig_all.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/ipconfig_all.pcap.gz -------------------------------------------------------------------------------- /jon_3.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/jon_3.pcap.gz -------------------------------------------------------------------------------- /keionline_rig.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/keionline_rig.pcap.gz -------------------------------------------------------------------------------- /macgyver.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/macgyver.pcap.gz -------------------------------------------------------------------------------- /malware_infection.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/malware_infection.pcap.gz -------------------------------------------------------------------------------- /mantak.pcap: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/mantak.pcap -------------------------------------------------------------------------------- /mimikatz_rpc.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/mimikatz_rpc.pcap.gz -------------------------------------------------------------------------------- /miscellaneous.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/miscellaneous.pcap.gz -------------------------------------------------------------------------------- /mmcexec.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/mmcexec.pcap -------------------------------------------------------------------------------- /more_netshare.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/more_netshare.pcap.gz -------------------------------------------------------------------------------- /multiple_psexecs_with_cmds_netstat_ipconfig.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/multiple_psexecs_with_cmds_netstat_ipconfig.pcap.gz -------------------------------------------------------------------------------- /net_group_DAs.pcap.gz: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/net_group_DAs.pcap.gz -------------------------------------------------------------------------------- /netshareenum.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/netshareenum.pcap.gz -------------------------------------------------------------------------------- /netstat.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/netstat.pcap.gz -------------------------------------------------------------------------------- /new-jscript-poshc2.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/new-jscript-poshc2.pcap -------------------------------------------------------------------------------- /normal_share_traversal.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/normal_share_traversal.pcap.gz -------------------------------------------------------------------------------- /over-pass-the-hash-mimikatz.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/over-pass-the-hash-mimikatz.pcap -------------------------------------------------------------------------------- /pipekat-poshc2.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/pipekat-poshc2.pcap 
-------------------------------------------------------------------------------- /post_rig_infection_svchost.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/post_rig_infection_svchost.pcap.gz -------------------------------------------------------------------------------- /psexec_calc.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/psexec_calc.pcap.gz -------------------------------------------------------------------------------- /psexec_cmd.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/psexec_cmd.pcap.gz -------------------------------------------------------------------------------- /pwshell-cmdlet-clear-eventlog-application.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/pwshell-cmdlet-clear-eventlog-application.pcap -------------------------------------------------------------------------------- /rdp-then-wmiexec.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/rdp-then-wmiexec.pcap -------------------------------------------------------------------------------- /remcom.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/remcom.pcap -------------------------------------------------------------------------------- /remote_copy_of_file.pcap.gz: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/remote_copy_of_file.pcap.gz -------------------------------------------------------------------------------- /remote_recon_toolie.pcapng: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/remote_recon_toolie.pcapng -------------------------------------------------------------------------------- /rig_dreambot_variant.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/rig_dreambot_variant.pcap.gz -------------------------------------------------------------------------------- /rpc_traffic.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/rpc_traffic.pcap.gz -------------------------------------------------------------------------------- /rubeus-kerberoast-cmdline-parameter.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/rubeus-kerberoast-cmdline-parameter.pcap -------------------------------------------------------------------------------- /samrdump.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/samrdump.pcap.gz -------------------------------------------------------------------------------- /schtasks.pcap: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/schtasks.pcap -------------------------------------------------------------------------------- /script_grab_from_github.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/script_grab_from_github.pcap.gz -------------------------------------------------------------------------------- /secretsdump_vssadmin.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/secretsdump_vssadmin.pcap -------------------------------------------------------------------------------- /sharp-no-psexec.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/sharp-no-psexec.pcap -------------------------------------------------------------------------------- /sharpcradle-sharpexec-wmiexec_.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/sharpcradle-sharpexec-wmiexec_.pcap -------------------------------------------------------------------------------- /sharpnopsexec.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/sharpnopsexec.pcap -------------------------------------------------------------------------------- /smb_anomalous_traffic.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/smb_anomalous_traffic.pcap.gz 
-------------------------------------------------------------------------------- /smb_exec_only_two_commands.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/smb_exec_only_two_commands.pcap.gz -------------------------------------------------------------------------------- /smbexec.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/smbexec.pcap.gz -------------------------------------------------------------------------------- /start-service.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/start-service.pcap -------------------------------------------------------------------------------- /successful_choppydog_authentication.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/successful_choppydog_authentication.pcap.gz -------------------------------------------------------------------------------- /tinkersec-ldapsearch.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/tinkersec-ldapsearch.pcap -------------------------------------------------------------------------------- /ultra_lab_03-14.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/ultra_lab_03-14.pcap.gz -------------------------------------------------------------------------------- /windows_miscellany.pcap.gz: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/windows_miscellany.pcap.gz -------------------------------------------------------------------------------- /winexesvc_.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/winexesvc_.pcap -------------------------------------------------------------------------------- /winreg_query_rdp_netshare_madness.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/winreg_query_rdp_netshare_madness.pcap.gz -------------------------------------------------------------------------------- /winrm_psremote_05-16.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/winrm_psremote_05-16.pcap -------------------------------------------------------------------------------- /winrm_psremote_05-16.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/winrm_psremote_05-16.pcap.gz -------------------------------------------------------------------------------- /wmi-service-remote.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi-service-remote.pcap -------------------------------------------------------------------------------- /wmi_commands_calc.pcap.gz: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi_commands_calc.pcap.gz -------------------------------------------------------------------------------- /wmi_exec1.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi_exec1.pcap.gz -------------------------------------------------------------------------------- /wmi_exec_2.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi_exec_2.pcap.gz -------------------------------------------------------------------------------- /wmi_query.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi_query.pcap.gz -------------------------------------------------------------------------------- /wmi_to_powershell_empire.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi_to_powershell_empire.pcap.gz -------------------------------------------------------------------------------- /wmi_to_vss.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmi_to_vss.pcap.gz -------------------------------------------------------------------------------- /wmiexec-pro-create-service-alternative-class.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmiexec-pro-create-service-alternative-class.pcap 
-------------------------------------------------------------------------------- /wmiexec.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmiexec.pcap.gz -------------------------------------------------------------------------------- /wmiexecpro-create-start-service.pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmiexecpro-create-start-service.pcap -------------------------------------------------------------------------------- /wmimplant.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/wmimplant.pcap.gz -------------------------------------------------------------------------------- /xcopy_choppy_to_pick.pcap.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/elcabezzonn/Pcaps/15a267bc4ec5525fc050e4247b373e96ea31e8b4/xcopy_choppy_to_pick.pcap.gz --------------------------------------------------------------------------------