ScarredMonk / PopulateActiveDirectory
PowerShell script to build an Active Directory forest and populate AD with random AD objects, including AD user objects, computer objects, group objects, GPOs and the network shares required. It also adds an AS-REP roastable account, a Kerberoastable account, and misconfigured ACLs to the domain for testing purposes.
☆28 Updated 2 years ago
Related projects
Alternatives and complementary repositories for PopulateActiveDirectory
- ☆48 Updated last year
- ☆43 Updated last month
- ☆40 Updated last year
- Pushes Sysmon Configs ☆89 Updated 3 years ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ☆44 Updated 7 months ago
- ☆70 Updated last month
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w… ☆88 Updated 11 months ago
- ESXi Cyber Security Incident Response Script ☆20 Updated 2 months ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example. ☆35 Updated last year
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations ☆79 Updated 3 months ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection at scale. ☆60 Updated 7 months ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap. ☆40 Updated 2 years ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. ☆47 Updated 10 months ago
- Bloodhound Portable for Windows ☆51 Updated last year
- Microsoft GPO Readiness Lateral Movement Detection Tool ☆16 Updated last year
- Baseline a Windows System against LOLBAS ☆25 Updated 6 months ago
- MDE relies on some of the Audit settings to be enabled ☆97 Updated 2 years ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp… ☆38 Updated 7 months ago
- Full of public notes and Utilities ☆86 Updated this week
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆99 Updated 4 months ago
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe… ☆35 Updated last year
- gundog - guided hunting in Microsoft Defender ☆52 Updated 3 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam. ☆35 Updated 11 months ago
- PowerShell tool to triage systems ☆12 Updated last year
- Azure function to insert MISP data into Azure Sentinel ☆30 Updated 2 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments ☆64 Updated 2 years ago
- ASR Configurator, Essentials and Atomic Testing ☆36 Updated 3 weeks ago
- General Content ☆20 Updated 4 months ago
- Community Tasks/Plans for PlumHound Queueing ☆23 Updated last year
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T… ☆14 Updated last year