EHLOBen / MDO-HerosLinks
Advanced Hunting Queries
☆19Updated last week
Alternatives and similar repositories for MDO-Heros
Users that are interested in MDO-Heros are comparing it to the libraries listed below
Sorting:
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆76Updated 2 months ago
- ResearchDev - XDR & SIEM Detection☆65Updated 3 months ago
- This tool can gather a lot of info without any defender alerts. It is useful for Penetration testers, SOC Analysts, System administrators…☆29Updated 3 months ago
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.☆102Updated 10 months ago
- MS Graph Commands and Tools for Blue Teamers☆50Updated last year
- ☆74Updated 3 weeks ago
- A collection of various SIEM rules relating to malware family groups.☆66Updated last year
- ☆61Updated 2 years ago
- ThreatSeeker: Threat Hunting via Windows Event Logs☆121Updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.☆155Updated 3 months ago
- M365 Defender SOC Playbooks☆24Updated 2 years ago
- Slides of my public talks☆56Updated last year
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆21Updated 6 months ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆27Updated 7 months ago
- A PowerShell-based script to analyze network logs from CSV files and detect potential beaconing behavior. Supports VirusTotal integration…☆17Updated 2 months ago
- Scripts and piece of codes used for Active Directory configuration☆84Updated 2 years ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆55Updated last month
- The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…☆124Updated last year
- Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)☆73Updated 3 weeks ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆105Updated last year
- Simulation of Akira Ransomware with Invoke-AtomicTest☆16Updated last year
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆95Updated last week
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024☆38Updated 8 months ago
- ☆108Updated 2 years ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Updated 2 weeks ago
- CarbonBlack EDR detection rules and response actions☆71Updated 10 months ago
- ☆26Updated 2 years ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- ASR Configurator, Essentials and Atomic Testing☆71Updated 3 months ago
- A collection of CVEs weaponized by ransomware operators☆118Updated last month