AirbusProtect / AD-Canaries
The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory Canary objects.
☆200, updated 9 months ago
Related projects:
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory (☆142, updated 4 months ago)
- Table of AD and Azure assets and whether they belong to Tier Zero (☆185, updated 2 months ago)
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices. (☆84, updated 3 weeks ago)
- A tool collection for filtering and visualizing logon events. Designed to help answer the "Cotton Eye Joe" question (Where did you com… (☆159, updated 5 months ago)
- Monitor your PingCastle scans to highlight the rule diff between two scans (☆104, updated last month)
- Active C&C Detector (☆148, updated 11 months ago)
- An automated Breach and Attack Simulation lab with Terraform. Built for IaC stability, consistency, and speed. (☆152, updated 2 months ago)
- M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry. (☆110, updated 4 months ago)
- The GitHub project for The Defender's Guide by Luke Paine and Jonathan Johnson (☆141, updated last year)
- VirtualGHOST Detection Tool (☆84, updated 3 months ago)
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und… (☆108, updated 5 months ago)
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals. (☆147, updated 3 months ago)
- Completely Risky Active-Directory Simulation Hub (☆99, updated 9 months ago)
- God Mode Detection Rules (☆130, updated last month)
- Audit tool for Active Directory. Automates a lot of checks from a pentester perspective. (☆155, updated 4 months ago)
- A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID (☆256, updated 3 weeks ago)
- Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04 (☆105, updated 3 months ago)
- Purpleteam scripts simulation & Detection - trigger events for SOC detections (☆149, updated 2 weeks ago)
- Identify the attack paths in BloodHound breaking your AD tiering (☆294, updated last year)
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations (☆73, updated last month)
- MDE relies on some of the Audit settings to be enabled (☆94, updated 2 years ago)
- Retired TrustedSec Capabilities (☆218, updated last week)
- Sigma rules to share with the community (☆113, updated last month)
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on (☆81, updated 4 months ago)
- VeilTransfer is a data exfiltration utility designed to test and enhance the detection capabilities. This tool simulates real-world data … (☆91, updated 3 weeks ago)
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility (☆85, updated 3 years ago)
- CarbonBlack EDR detection rules and response actions (☆70, updated last week)