Alternatives and similar repositories for PowerHunt

Users that are interested in PowerHunt are comparing it to the libraries listed below

• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆97Updated last week
• csandker / Azure-AccessPermissions
  ☆110Updated 2 years ago
• darkoperator / Veil-PowerView
  Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.
  ☆60Updated 10 years ago
• C0axx / CanaryHunter
  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
  ☆123Updated 3 years ago
• YossiSassi / hAcKtive-Directory-Forensics
  ☆53Updated last month
• DefensiveOrigins / DO-LAB
  ☆47Updated 3 weeks ago
• secureworks / PhishInSuits
  ☆117Updated 4 years ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆115Updated last year
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆153Updated last month
• trustedsec / User-Behavior-Mapping-Tool
  ☆166Updated 2 years ago
• ImpostorKeanu / bl-bfg
  ☆36Updated last year
• ScarredMonk / PopulateActiveDirectory
  Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …
  ☆39Updated 3 years ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆72Updated last year
• sap8899 / reportly
  Reportly is an AzureAD user activity report tool.
  ☆94Updated 2 years ago
• JoelGMSec / AzureGraph
  Azure AD enumeration over MS Graph
  ☆82Updated 2 years ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆83Updated last year
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated last year
• Qazeer / InfoSec-Notes
  InfoSec Notes
  ☆59Updated last year
• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆65Updated 5 months ago
• techBrandon / CAPs
  Scripts to enumerate and report on Entra Conditional Access
  ☆39Updated 2 months ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆96Updated 3 years ago
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆111Updated 2 months ago
• secureworks / TokenMan
  ☆104Updated 3 years ago
• haim-n / Windows-Security-Assessment
  Assess Windows OS for security misconfigurations and hardening opportunities.
  ☆34Updated last year
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated 2 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 4 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆73Updated 3 months ago
• wunderwuzzi23 / ropci
  So, you think you have MFA? AAD/ROPC/MFA bypass testing tool
  ☆121Updated 2 years ago
• secureworks / whiskeysamlandfriends
  GoldenSAML Attack Libraries and Framework
  ☆75Updated last year
• SadProcessor / HandsOnBloodHound
  Material for the "Hands-On BloodHound" Workshop
  ☆110Updated 4 years ago