├── Command and Control
    ├── C2_Foudre_Backdoor_DGA.pcapng
    ├── cmds over dns txt queries and reponses.pcap
    └── rdp_tunneling_meterpreter_portfwd.pcapng
├── CredAccess
    ├── CA_LM_SpoolSample_SMB_BiAuth.pcapng
    ├── CA_kerbrute_passwordspray_kerberos_AS-REQ.pcapng
    ├── CA_masterkey_rpc_protectedstorage.pcapng
    ├── CredAccess_BackupMasterKey_LSARPC_43_RetrievePrivateData.pcapng
    ├── DCShadow_add_primarygroupid_512_to_std_account.pcapng
    ├── DCSync_krbtgt_dcerpc_smb.pcapng
    └── Remote_Pwd_Reset_RPC_Admin_Mimikatz_PostZeroLogon.pcapng
├── Discovery
    ├── Discovery_PsLoggedOn_remotelocalusers_enum_winreg_lsarpc_dcerpc_smb.pcapng
    ├── Discovery_dcerp_srvsvc_NetShareEnum.pcapng
    ├── Discovery_impacket_rpcdump.pcapng
    ├── Discovery_privgroups_domain_admins_samr_lookupnames_req.pcapng
    └── discovery_scan_dcerpc_endpoint_mapper.pcapng
├── Evasion
    └── DE_byt3bl33d3r_remote_eventservice_crash.pcapng
├── Lateral Movement
    ├── CVE-2020-1472_Zerologon_RPC_NetLogon_NullChallenge_SecChan_6_from_nonDC_to_DC.pcapng
    ├── Exploit_DoS_cve-2020-1350_dns_sig_maxspl0it.pcapng
    ├── LM_WMI_ProcessCallCreate.pcapng
    ├── LM_dcom_mmc20.application_dcerpc.pcapng
    ├── LM_psexec_smb_dcerpc_epm_svcctl.pcapng
    ├── LM_rdp_sharprdp.pcapng
    ├── LM_smbexec_smb_dcerpc_svcctl_epm.pcapng
    ├── lm_mimikazt_skeleton_kerberos_rc4_etype.pcapng
    └── zerologon_mimikatz_ntlm_privacy_scan_and_exploit_encrypted.pcapng
├── PrivEsc
    └── CVE-2020-0796_SMBGhost_PrivEsc_Loopback_traffic.pcapng
└── README.md

/Command and Control/C2_Foudre_Backdoor_DGA.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Command and Control/C2_Foudre_Backdoor_DGA.pcapng
--------------------------------------------------------------------------------

/Command and Control/cmds over dns txt queries and reponses.pcap:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Command and Control/cmds over dns txt queries and reponses.pcap
--------------------------------------------------------------------------------

/Command and Control/rdp_tunneling_meterpreter_portfwd.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Command and Control/rdp_tunneling_meterpreter_portfwd.pcapng
--------------------------------------------------------------------------------

/CredAccess/CA_LM_SpoolSample_SMB_BiAuth.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/CA_LM_SpoolSample_SMB_BiAuth.pcapng
--------------------------------------------------------------------------------

/CredAccess/CA_kerbrute_passwordspray_kerberos_AS-REQ.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/CA_kerbrute_passwordspray_kerberos_AS-REQ.pcapng
--------------------------------------------------------------------------------

/CredAccess/CA_masterkey_rpc_protectedstorage.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/CA_masterkey_rpc_protectedstorage.pcapng
--------------------------------------------------------------------------------

/CredAccess/CredAccess_BackupMasterKey_LSARPC_43_RetrievePrivateData.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/CredAccess_BackupMasterKey_LSARPC_43_RetrievePrivateData.pcapng
--------------------------------------------------------------------------------

/CredAccess/DCShadow_add_primarygroupid_512_to_std_account.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/DCShadow_add_primarygroupid_512_to_std_account.pcapng
--------------------------------------------------------------------------------

/CredAccess/DCSync_krbtgt_dcerpc_smb.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/DCSync_krbtgt_dcerpc_smb.pcapng
--------------------------------------------------------------------------------

/CredAccess/Remote_Pwd_Reset_RPC_Admin_Mimikatz_PostZeroLogon.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/CredAccess/Remote_Pwd_Reset_RPC_Admin_Mimikatz_PostZeroLogon.pcapng
--------------------------------------------------------------------------------

/Discovery/Discovery_PsLoggedOn_remotelocalusers_enum_winreg_lsarpc_dcerpc_smb.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Discovery/Discovery_PsLoggedOn_remotelocalusers_enum_winreg_lsarpc_dcerpc_smb.pcapng
--------------------------------------------------------------------------------

/Discovery/Discovery_dcerp_srvsvc_NetShareEnum.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Discovery/Discovery_dcerp_srvsvc_NetShareEnum.pcapng
--------------------------------------------------------------------------------

/Discovery/Discovery_impacket_rpcdump.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Discovery/Discovery_impacket_rpcdump.pcapng
--------------------------------------------------------------------------------

/Discovery/Discovery_privgroups_domain_admins_samr_lookupnames_req.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Discovery/Discovery_privgroups_domain_admins_samr_lookupnames_req.pcapng
--------------------------------------------------------------------------------

/Discovery/discovery_scan_dcerpc_endpoint_mapper.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Discovery/discovery_scan_dcerpc_endpoint_mapper.pcapng
--------------------------------------------------------------------------------

/Evasion/DE_byt3bl33d3r_remote_eventservice_crash.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Evasion/DE_byt3bl33d3r_remote_eventservice_crash.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/CVE-2020-1472_Zerologon_RPC_NetLogon_NullChallenge_SecChan_6_from_nonDC_to_DC.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/CVE-2020-1472_Zerologon_RPC_NetLogon_NullChallenge_SecChan_6_from_nonDC_to_DC.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/Exploit_DoS_cve-2020-1350_dns_sig_maxspl0it.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/Exploit_DoS_cve-2020-1350_dns_sig_maxspl0it.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/LM_WMI_ProcessCallCreate.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/LM_WMI_ProcessCallCreate.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/LM_dcom_mmc20.application_dcerpc.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/LM_dcom_mmc20.application_dcerpc.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/LM_psexec_smb_dcerpc_epm_svcctl.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/LM_psexec_smb_dcerpc_epm_svcctl.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/LM_rdp_sharprdp.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/LM_rdp_sharprdp.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/LM_smbexec_smb_dcerpc_svcctl_epm.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/LM_smbexec_smb_dcerpc_svcctl_epm.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/lm_mimikazt_skeleton_kerberos_rc4_etype.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/lm_mimikazt_skeleton_kerberos_rc4_etype.pcapng
--------------------------------------------------------------------------------

/Lateral Movement/zerologon_mimikatz_ntlm_privacy_scan_and_exploit_encrypted.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/Lateral Movement/zerologon_mimikatz_ntlm_privacy_scan_and_exploit_encrypted.pcapng
--------------------------------------------------------------------------------

/PrivEsc/CVE-2020-0796_SMBGhost_PrivEsc_Loopback_traffic.pcapng:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/PrivEsc/CVE-2020-0796_SMBGhost_PrivEsc_Loopback_traffic.pcapng
--------------------------------------------------------------------------------

/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/sbousseaden/PCAP-ATTACK/HEAD/README.md
--------------------------------------------------------------------------------