ANSSI-FR / ORADAZ

Related projects ⓘ

Alternatives and complementary repositories for ORADAZ

• ANSSI-FR / guide-journalisation-microsoft
  Guide journalisation Microsoft
  ☆57Updated 4 months ago
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆79Updated 3 months ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated last year
• tsale / EDR-Telemetry-Website
  ☆72Updated this week
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆107Updated 3 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆27Updated this week
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 6 months ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• reprise99 / 4688-sysmon
  ☆48Updated last year
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆97Updated 2 years ago
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 7 months ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆106Updated 5 months ago
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.
  ☆112Updated this week
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆87Updated 6 months ago
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆60Updated 7 months ago
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆99Updated 4 months ago
• mandiant / citrix-ioc-scanner-cve-2023-3519
  ☆65Updated last year
• LuemmelSec / Custom-BloodHound-Queries
  ☆173Updated 9 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆148Updated 6 months ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 3 months ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆150Updated last year
• InfoSecInnovations / What2Log
  ☆39Updated 2 years ago
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆44Updated 7 months ago
• techspence / ADeleginator
  A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
  ☆151Updated 2 months ago
• SpecterOps / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆190Updated this week
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆146Updated last year
• nrrpinto / inquisitor
  Forensics artifacts collection
  ☆19Updated 3 years ago
• Tanguy-Boisset / bloodhound-automation
  Automatically run and populate a new instance of BH CE
  ☆54Updated last month
• mgreen27 / DetectRaptor
  A repository to share publicly available Velociraptor detection content
  ☆119Updated this week
• keydet89 / Events-Ripper
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆76Updated last week