TonyPhipps / Powershell
Tony's collection of powershell scripts, typically geared toward cybersec
☆33Updated 3 weeks ago
Alternatives and similar repositories for Powershell:
Users that are interested in Powershell are comparing it to the libraries listed below
- Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.☆40Updated 4 years ago
- A series of scripts☆98Updated 3 years ago
- PowerShell Script for Agentless Incident Response☆25Updated 7 years ago
- 🔎 Use urlscan.io with PowerShell!☆34Updated 4 years ago
- ☆49Updated 5 years ago
- PowerShell script useful for Incident Response and security/configuration baselines for Windows Vista and later☆20Updated 9 years ago
- incident response scripts☆19Updated 6 years ago
- AdmPwd.E client and support tools☆32Updated 4 years ago
- Builds a hashmap of AD NTLM hashes/usernames and iterates through a second list of hashes checking for the existence of each entry in the…☆77Updated 4 years ago
- A Windows PowerShell & PowerShell Core Module to calculate a CVSS3 Score based on a Vector string☆12Updated 2 years ago
- Defensive-oriented Active Directory enumeration☆23Updated 9 years ago
- PowerSponse is a PowerShell module focused on targeted containment and remediation during incident response.☆38Updated 3 years ago
- This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommen…☆52Updated 9 months ago
- Simple Powershell scripts to collect all Windows Event Logs from a host and parse them into one CSV timeline.☆33Updated 6 years ago
- Build a domain with three quick PowerShell scripts!☆29Updated 4 years ago
- Azure Sentinel Template parser☆16Updated 4 years ago
- ☆45Updated 2 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- Automated forensics written in PowerShell☆34Updated 5 years ago
- Find accounts using common and default passwords in Active Directory.☆68Updated 5 years ago
- Scandiff is a PowerShell script to automate host discovery and scanning with nmap. After discovering and scanning hosts, scandiff perfor…☆17Updated 10 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Alex Verboon PowerShell Code☆39Updated 4 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆51Updated last year
- A PowerShell module to abstract the complexities of Permanent WMI Event Subscriptions☆55Updated 9 years ago
- Secure and log *available* activities in your Microsoft Office 365 environment☆38Updated 6 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆90Updated 3 years ago
- Finds event logs between two time points. Useful for helpdesk/support/malware analysis.☆47Updated 6 years ago