Qazeer / FarsightADLinks
PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise
☆95Updated last year
Alternatives and similar repositories for FarsightAD
Users that are interested in FarsightAD are comparing it to the libraries listed below
Sorting:
- Default Detections for EDR☆96Updated last year
- ☆83Updated 2 years ago
- Active C&C Detector☆154Updated last year
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 6 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆82Updated last year
- InfoSec Notes☆56Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- Identify the attack paths in BloodHound breaking your AD tiering☆321Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- GolenGMSA tool for working with GMSA passwords☆150Updated last year
- ☆178Updated 6 months ago
- Tool to extract powerful tokens from Office desktop apps memory☆71Updated last year
- Abuse Azure API permissions for red teaming☆67Updated 2 years ago
- ☆100Updated 2 years ago
- Placeholder for my detection repo and misc detection engineering content☆42Updated last year
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Yara Rules for Modern Malware☆77Updated last year
- ShellSweeping the evil.☆52Updated last year
- ☆106Updated 2 years ago
- ☆247Updated last year
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆107Updated 6 months ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆91Updated 2 years ago
- Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].☆153Updated 2 years ago
- Monitor your PingCastle scans to highlight the rule diff between two scans☆112Updated 10 months ago
- Kerberoast Detection Script☆30Updated 7 months ago
- ☆91Updated last month
- Collection of tools to use with Azure Applications☆109Updated last year
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆139Updated 10 months ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆14Updated last year
- Azure AD enumeration over MS Graph☆82Updated 2 years ago