CrowdStrike / CASTLinks
CrowdStrike Archive Scan Tool
☆83Updated 3 years ago
Alternatives and similar repositories for CAST
Users that are interested in CAST are comparing it to the libraries listed below
Sorting:
- Pushes Sysmon Configs☆88Updated 4 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 4 years ago
- Tools and scripts by Arctic Wolf☆68Updated last year
- ☆72Updated 8 months ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆93Updated 3 years ago
- Build a domain with three quick PowerShell scripts!☆29Updated 5 years ago
- evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.☆154Updated 3 years ago
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆92Updated 3 months ago
- gundog - guided hunting in Microsoft Defender☆52Updated 4 years ago
- A collection of Powershell scripts that will help automate the build process for a Marvel domain.☆147Updated last year
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 6 months ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆70Updated 2 years ago
- MDE relies on some of the Audit settings to be enabled☆98Updated 2 years ago
- ☆41Updated 2 years ago
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel☆34Updated last year
- ☆63Updated 4 years ago
- Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …☆35Updated 3 years ago
- Kerberoast Detection Script☆30Updated 7 months ago
- ☆85Updated 3 months ago
- OSSEM Data Dictionaries☆61Updated 5 months ago
- Powershell Scripts to work on Crowdstrike Falcon that pull back raw data relevant to forensic investigation☆23Updated 6 months ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…☆95Updated 4 years ago
- CrowdStrike's Open Source Policy & Contribution Guide☆40Updated 2 months ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…☆37Updated 3 years ago
- Full of public notes and Utilities☆117Updated 4 months ago
- A GUI to query the API of abuse.ch.☆70Updated 2 years ago
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆84Updated last year
- Actionable data for Security Operations☆19Updated 3 years ago
- Collection of useful Canary tools☆81Updated 3 weeks ago