YossiSassi / Get-UserSessionLinks
Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, whether Active or Disconnected
☆92Updated 3 months ago
Alternatives and similar repositories for Get-UserSession
Users that are interested in Get-UserSession are comparing it to the libraries listed below
Sorting:
- Pushes Sysmon Configs☆88Updated 4 years ago
- ☆65Updated last year
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- ☆63Updated 4 years ago
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- MDE relies on some of the Audit settings to be enabled☆98Updated 2 years ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated last year
- Powershell Event Tracing Toolbox☆75Updated 3 years ago
- Monitor your PingCastle scans to highlight the rule diff between two scans☆112Updated 10 months ago
- Simple PowerShell script to enable process scanning with Yara.☆94Updated 2 years ago
- ☆115Updated 5 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆114Updated last year
- ☆41Updated 2 years ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 6 months ago
- ☆72Updated 8 months ago
- Powershell module for VMWare vSphere forensics☆152Updated 7 months ago
- ☆61Updated 2 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆93Updated 3 years ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆89Updated 10 months ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆107Updated 6 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated last year
- ☆53Updated last month
- Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …☆35Updated 3 years ago
- Default Detections for EDR☆96Updated last year
- ☆42Updated last year
- Audit program for AzureAD☆149Updated 2 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- ☆87Updated last year
- Full of public notes and Utilities☆117Updated 4 months ago