CrowdStrike / CAST
CrowdStrike Archive Scan Tool
☆83 Updated 2 years ago
Related projects
Alternatives and complementary repositories for CAST
- MDE relies on some of the Audit settings to be enabled ☆96 Updated 2 years ago
- Tools and scripts by Arctic Wolf ☆68 Updated 6 months ago
- A GUI to query the API of abuse.ch. ☆70 Updated 2 years ago
- Pushes Sysmon Configs ☆89 Updated 3 years ago
- ☆70 Updated 2 weeks ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ☆66 Updated last year
- ☆58 Updated 3 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event logs mapped to the MITRE… ☆81 Updated last month
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments ☆64 Updated 2 years ago
- gundog - guided hunting in Microsoft Defender ☆52 Updated 3 years ago
- Audit program for AzureAD ☆145 Updated last year
- Full of public notes and Utilities ☆82 Updated 2 months ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆62 Updated 2 years ago
- A PowerShell script that automates the security assessment of Microsoft Active Directory environments. ☆62 Updated 2 years ago
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w… ☆88 Updated 11 months ago
- ☆40 Updated last year
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ☆51 Updated last year
- OpenIOC rules to facilitate hunting for indicators of compromise ☆38 Updated 2 years ago
- This repo is where I store my Threat Hunting ideas/content ☆85 Updated last year
- ☆43 Updated 3 weeks ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support. ☆124 Updated 2 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap. ☆40 Updated 2 years ago
- Collection of PowerShell functions and scripts a Blue Teamer might use ☆84 Updated last year
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… ☆72 Updated this week
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… ☆36 Updated 2 years ago
- ☆158 Updated last year
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe… ☆36 Updated 3 years ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility ☆85 Updated 3 years ago