Alternatives and similar repositories for WhoYouCalling:

Users that are interested in WhoYouCalling are comparing it to the libraries listed below

• joeavanzato / Trawler
  PowerShell script helping Incident Responders discover potential adversary persistence mechanisms.
  ☆315Updated 4 months ago
• techspence / ScriptSentry
  ScriptSentry finds misconfigured and dangerous logon scripts.
  ☆480Updated 2 months ago
• p0dalirius / ExtractBitlockerKeys
  A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.
  ☆366Updated last month
• MHaggis / PowerShell-Hunter
  PowerShell tools to help defenders hunt smarter, hunt harder.
  ☆303Updated last week
• jakehildreth / Locksmith
  A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.
  ☆1,053Updated 2 weeks ago
• lkarlslund / nifo
  Nuke It From Orbit - remove AV/EDR with physical access
  ☆254Updated 3 months ago
• Squiblydoo / debloat
  A GUI and CLI tool for removing bloat from executables
  ☆383Updated 2 months ago
• LETHAL-FORENSICS / Microsoft-Analyzer-Suite
  A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
  ☆436Updated this week
• Bert-JanP / Incident-Response-Powershell
  PowerShell Digital Forensics & Incident Response Scripts.
  ☆585Updated 2 weeks ago
• subat0mik / Misconfiguration-Manager
  Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…
  ☆887Updated last month
• NetSPI / PowerHuntShares
  PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains…
  ☆759Updated 3 weeks ago
• vectra-ai-research / MAAD-AF
  MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
  ☆371Updated 5 months ago
• secureworks / pytune
  ☆196Updated last month
• dafthack / GraphRunner
  A Post-exploitation Toolset for Interacting with the Microsoft Graph API
  ☆1,053Updated 4 months ago
• magicsword-io / LOLDrivers
  Living Off The Land Drivers
  ☆1,127Updated this week
• Yamato-Security / EnableWindowsLogSettings
  Documentation and scripts to properly enable Windows event logs.
  ☆590Updated last year
• LETHAL-FORENSICS / MemProcFS-Analyzer
  MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
  ☆590Updated this week
• cgosec / Blauhaunt
  A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you com…
  ☆167Updated 2 weeks ago
• awakecoding / wireshark-rdp
  Wireshark RDP resources
  ☆210Updated last month
• mtth-bfft / adeleg
  Active Directory delegation management tool
  ☆291Updated last year
• ExaTrack / Kdrill
  Python tool to check rootkits in Windows kernel
  ☆193Updated last week
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆134Updated 7 months ago
• Neo23x0 / sysmon-config
  Sysmon configuration file template with default high-quality event tracing
  ☆473Updated last year
• activecm / rita
  Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…
  ☆257Updated this week
• AirbusProtect / AD-Canaries
  The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…
  ☆249Updated last year
• gtworek / VolatileDataCollector
  ☆199Updated 4 months ago
• Ahmed-AL-Maghraby / Windows-Registry-Analysis-Cheat-Sheet
  ☆156Updated last year
• Leo4j / Amnesiac
  Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…
  ☆401Updated this week