Alternatives and similar repositories for ORADAZ

Users that are interested in ORADAZ are comparing it to the libraries listed below

• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆92Updated last year
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆117Updated last week
• ANSSI-FR / guide-journalisation-microsoft
  Guide journalisation Microsoft
  ☆69Updated last year
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆254Updated last year
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…
  ☆307Updated last month
• tsale / EDR-Telemetry-Website
  ☆74Updated last week
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆105Updated last year
• techspence / ADeleginator
  A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
  ☆249Updated 11 months ago
• reprise99 / 4688-sysmon
  ☆61Updated 2 years ago
• SpecterOps / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆235Updated last month
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆110Updated 2 weeks ago
• AlbinoGazelle / esxi-testing-toolkit
  🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.
  ☆78Updated 4 months ago
• mandiant / citrix-ioc-scanner-cve-2023-3519
  ☆66Updated 2 years ago
• msdirtbag / azurevelo
  Velociraptor Server hosted in Azure App Service
  ☆56Updated 2 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆157Updated 4 months ago
• CompassSecurity / EntraFalcon
  A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object…
  ☆264Updated last month
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆82Updated 4 months ago
• securityjoes / Crowdstrike-Deploy
  The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆24Updated 3 weeks ago
• jakehildreth / BlueTuxedo
  A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS
  ☆126Updated 7 months ago
• 0x706972686f / RMM-Catalogue
  ☆101Updated last month
• techspence / AppLockerInspector
  Audits an AppLocker policy XML and reports weak/misconfigured/risky settings, including actual ACL checks.
  ☆73Updated last week
• LuemmelSec / Custom-BloodHound-Queries
  ☆179Updated 8 months ago
• jakehildreth / PowerPUG
  A tiny tool built to help AD Admins tame the Protected Users group.
  ☆118Updated 7 months ago
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆89Updated 4 months ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆115Updated last year
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆93Updated 2 weeks ago
• ine-labs / ThreatSeeker
  ThreatSeeker: Threat Hunting via Windows Event Logs
  ☆123Updated 2 years ago
• 8ales / Azure-AppHunter
  Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…
  ☆64Updated 2 weeks ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆95Updated last month
• MHaggis / notes
  Full of public notes and Utilities
  ☆128Updated 6 months ago