CrowdStrike / CAST

Related projects ⓘ

Alternatives and complementary repositories for CAST

• rtkwlf / wolf-tools
  Tools and scripts by Arctic Wolf
  ☆68Updated 7 months ago
• Bert-JanP / Sentinel-Automation
  Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
  ☆76Updated 3 months ago
• olafhartong / MDE-AuditCheck
  MDE relies on some of the Audit settings to be enabled
  ☆97Updated 2 years ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆70Updated last month
• netwrix / PingCastleCloud
  Audit program for AzureAD
  ☆145Updated last year
• NetSPI / PowerHunt
  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
  ☆60Updated 8 months ago
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆51Updated last year
• rapid7 / insightvm-sql-queries
  InsightVM helpful SQL queries
  ☆59Updated this week
• dwmetz / QuickPcap
  A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.
  ☆40Updated 2 years ago
• ziesemer / ad-privileged-audit
  Provides various Windows Server Active Directory (AD) security-focused reports.
  ☆89Updated this week
• soteria-security / ADInspect
  A PowerShell script that automates the security assessment of Microsoft Active Directory environments.
  ☆62Updated 2 years ago
• PwC-IR / Office-365-Extractor
  The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
  ☆258Updated 2 years ago
• improsec / Get-bADpasswords
  Get insights into the actual strength and quality of passwords in Active Directory.
  ☆151Updated 4 months ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆38Updated 4 years ago
• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 3 years ago
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆39Updated last year
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆125Updated 2 years ago
• lawndoc / AdvancedHuntingQueries
  Microsoft 365 Advanced Hunting Queries with hotlinks that plug the query right into your tenant
  ☆111Updated 3 months ago
• fireeye / CVE-2021-44228
  OpenIOC rules to facilitate hunting for indicators of compromise
  ☆38Updated 2 years ago
• fragtastic / cis-benchmark-converter
  Converts text dumps from CIS Benchmark PDFs to CSV & Excel formats.
  ☆55Updated 4 months ago
• thinkst / canary-utils
  Collection of useful Canary tools
  ☆69Updated this week
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆62Updated 5 months ago
• p0w3rsh3ll / NetCease
  ☆59Updated 3 years ago
• mdecrevoisier / Splunk-input-windows-baseline
  Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…
  ☆81Updated last month
• TrimarcJake / BlueTuxedo
  A tiny tool to find and fix common misconfigurations in Active Directory-integrated DNS
  ☆99Updated last month
• SophosRapidResponse / OSQuery
  ☆80Updated 2 months ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆89Updated 3 years ago
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆67Updated last year