YossiSassi / AD-Replication-Metadata
Track previous changes on specific AD accounts (users, computers) and Groups (online DC), even if event logs were wiped/not collected (e.g. during an Incident Response). Uses Replication metadata history parsing. Online and offline DB (backup)
☆16Updated 2 months ago
Alternatives and similar repositories for AD-Replication-Metadata:
Users that are interested in AD-Replication-Metadata are comparing it to the libraries listed below
- This is a repo for fetching Applocker event log by parsing the win-event log☆30Updated 2 years ago
- Takes the original idea of NetCease and adds functionality☆24Updated 3 years ago
- self-hosted Azure OSINT tool☆30Updated 7 months ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- Scans a list of raccoon servers from Tria.ge and extracts the config☆15Updated last year
- Continuous kerberoast monitor☆45Updated last year
- ☆14Updated last year
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- Python tool to find vulnerable AD object and generating csv report☆26Updated 2 years ago
- Repository for LNK stuff☆30Updated 2 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆16Updated last year
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated last year
- ☆45Updated last year
- ☆18Updated last year
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Updated 2 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- Python tool to find vulnerable AD object and generating csv report☆14Updated 2 years ago
- General Content☆26Updated 9 months ago
- Living off the False Positive!☆35Updated 3 months ago
- ☆23Updated 2 months ago
- Hundred Days of Yara Challenge☆12Updated 2 years ago
- A collection of my presentation materials.☆17Updated last year
- Threat Mitigation Strategies☆25Updated last year
- Parser for Windows PowerShell script block logs☆13Updated 4 months ago
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆17Updated 3 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 9 months ago
- a tiny program to consume from ETW providers for research☆47Updated 4 months ago
- Reproducible and extensible BloodHound playbooks☆43Updated 5 years ago
- ☆20Updated last year
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆14Updated 6 months ago