Immersive-Labs-Sec / msrc-apiLinks
A collection of tools to interact with Microsoft Security Response Center API
☆101Updated last year
Alternatives and similar repositories for msrc-api
Users that are interested in msrc-api are comparing it to the libraries listed below
Sorting:
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated last month
- ☆204Updated 10 months ago
- My conference presentations☆83Updated last month
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 5 months ago
- Fraktal's Ransomware Emulator☆101Updated last year
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆157Updated 2 years ago
- ☆253Updated last year
- A collection of Powershell scripts that will help automate the build process for a Marvel domain.☆148Updated last year
- Active C&C Detector☆156Updated last year
- Carbon Black TAU Excel 4 Macro Analysis☆44Updated last year
- Default Detections for EDR☆96Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆98Updated 2 years ago
- Cobalt Strike Beacon configuration extractor and parser.☆156Updated 4 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- Identify the attack paths in BloodHound breaking your AD tiering☆323Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆226Updated 4 years ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 7 months ago
- Execute PowerShell code at the antimalware-light protection level.☆141Updated 2 years ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Yara Rules for Modern Malware☆79Updated last year
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.☆180Updated 7 months ago
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆170Updated 2 years ago
- Tool to extract powerful tokens from Office desktop apps memory☆71Updated last year
- Powershell Event Tracing Toolbox☆77Updated 3 years ago
- RdpCacheStitcher is a tool that supports forensic analysts in reconstructing useful images out of RDP cache bitmaps.☆288Updated 2 years ago
- ☆100Updated 11 months ago
- A repo to support the book☆109Updated 4 years ago
- Active Directory Purple Team Playbook☆112Updated 2 years ago
- A Powershell module that helps you identify AppLocker weaknesses☆169Updated 5 years ago