ScarredMonk / PopulateActiveDirectory
PowerShell script to build an Active Directory forest and populate AD with random AD objects, including user objects, computer objects, group objects, GPOs and the required network shares. It also adds an ASREPRoast account, a kerberoastable account, and misconfigured ACLs to the domain for testing purposes.
☆35 · Updated 3 years ago
Alternatives and similar repositories for PopulateActiveDirectory
Users that are interested in PopulateActiveDirectory are comparing it to the libraries listed below
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆107 · Updated 6 months ago
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe… ☆54 · Updated last year
- A WDAC configuration repository with the sole intention of enriching MDE ☆29 · Updated last week
- Pushes Sysmon Configs ☆88 · Updated 4 years ago
- Active Directory Firewall ☆72 · Updated last week
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. ☆54 · Updated 2 weeks ago
- ESXi Cyber Security Incident Response Script ☆23 · Updated 9 months ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap. ☆40 · Updated 2 years ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale. ☆71 · Updated 6 months ago
- Monitor your PingCastle scans to highlight the rule diff between two scans ☆112 · Updated 10 months ago
- A tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services ☆27 · Updated 3 weeks ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility ☆89 · Updated 4 years ago
- A tiny tool built to find and fix common misconfigurations in Active Directory-integrated DNS ☆117 · Updated 5 months ago
- MDE relies on some of the Audit settings to be enabled ☆98 · Updated 2 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features… ☆41 · Updated 4 years ago
- Hunting Queries for Defender ATP ☆82 · Updated 2 months ago
- gundog - guided hunting in Microsoft Defender ☆52 · Updated 4 years ago
- Ansible role for installing Sysmon with popular config files included. ☆25 · Updated 2 years ago
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet ☆12 · Updated 3 months ago
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024 ☆38 · Updated 7 months ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues. ☆33 · Updated last year
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp… ☆38 · Updated last year
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe… ☆39 · Updated 4 years ago
- Community Tasks/Plans for PlumHound Queueing ☆23 · Updated 2 years ago