AirbusProtect / AD-Canaries

Related projects: ⓘ

• techspence / ADeleginator
  A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
  ☆142Updated 4 months ago
• SpecterOps / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆185Updated 2 months ago
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆84Updated 3 weeks ago
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆159Updated 5 months ago
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆104Updated last month
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆148Updated 11 months ago
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆152Updated 2 months ago
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.
  ☆110Updated 4 months ago
• Defenders-Guide / TheDefendersGuide
  The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
  ☆141Updated last year
• CrowdStrike / VirtualGHOST
  VirtualGHOST Detection Tool
  ☆84Updated 3 months ago
• LuemmelSec / Custom-BloodHound-Queries
  ☆169Updated 7 months ago
• CTI-Driven / LOLBins
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆108Updated 5 months ago
• securityjoes / ForensicMiner
  A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
  ☆147Updated 3 months ago
• dahvidschloss / CRASH
  Completely Risky Active-Directory Simulation Hub
  ☆99Updated 9 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆130Updated last month
• 0xJs / domain_audit
  Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
  ☆155Updated 4 months ago
• evild3ad / Microsoft-Analyzer-Suite
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆256Updated 3 weeks ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆105Updated 3 months ago
• LuemmelSec / Client-Checker
  ☆158Updated 2 months ago
• mthcht / Purpleteam
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆149Updated 2 weeks ago
• improsec / ImproHound
  Identify the attack paths in BloodHound breaking your AD tiering
  ☆294Updated last year
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆73Updated last month
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆94Updated 2 years ago
• trustedsec / The_Shelf
  Retired TrustedSec Capabilities
  ☆218Updated last week
• tsale / Sigma_rules
  Sigma rules to share with the community
  ☆113Updated last month
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆81Updated 4 months ago
• techBrandon / DC32-GOAD
  ☆48Updated last month
• infosecn1nja / VeilTransfer
  VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data …
  ☆91Updated 3 weeks ago
• keyboardcrunch / SentinelOne-ATTACK-Queries
  MITRE ATT&CK mapped queries for SentinelOne Deep Visiblity
  ☆85Updated 3 years ago
• Sam0x90 / CB-Threat-Hunting
  CarbonBlack EDR detection rules and response actions
  ☆70Updated last week