Immersive-Labs-Sec / msrc-apiLinks
A collection of tools to interact with Microsoft Security Response Center API
☆101Updated last year
Alternatives and similar repositories for msrc-api
Users that are interested in msrc-api are comparing it to the libraries listed below
Sorting:
- My conference presentations☆82Updated 3 weeks ago
- Cobalt Strike Beacon configuration extractor and parser.☆155Updated 4 years ago
- The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson☆155Updated 2 years ago
- ☆204Updated 10 months ago
- ☆252Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆97Updated 2 years ago
- LOLESXi is a curated compilation of binaries/scripts available in VMware ESXi that are were used to by adversaries in their intrusions. T…☆132Updated 7 months ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated last month
- Active C&C Detector☆156Updated last year
- Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR☆248Updated 5 months ago
- A C# based tool for analysing malicious OneNote documents☆116Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- Sysmon EDR POC Build within Powershell to prove ability.☆227Updated 4 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- Powershell Event Tracing Toolbox☆77Updated 3 years ago
- A collection of Powershell scripts that will help automate the build process for a Marvel domain.☆148Updated last year
- Default Detections for EDR☆96Updated last year
- Yara Rules for Modern Malware☆79Updated last year
- Fraktal's Ransomware Emulator☆102Updated last year
- ☆238Updated 2 months ago
- WTF are these binaries doing?! A list of benign applications that mimic malicious behavior.☆166Updated 5 months ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆80Updated 3 months ago
- ☆25Updated 3 years ago
- Execute PowerShell code at the antimalware-light protection level.☆141Updated 2 years ago
- Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.☆180Updated 7 months ago
- Identify the attack paths in BloodHound breaking your AD tiering☆322Updated 2 years ago
- Carbon Black TAU Excel 4 Macro Analysis☆43Updated last year
- A Cobalt Strike Scanner that retrieves detected Team Server beacons into a JSON object☆169Updated 2 years ago
- A collection of tools, scripts and personal research☆146Updated 3 weeks ago
- Anything Sysmon related from the MSTIC R&D team☆156Updated last year