YossiSassi / hAcKtive-Directory-Forensics
☆50Updated 2 months ago
Alternatives and similar repositories for hAcKtive-Directory-Forensics:
Users that are interested in hAcKtive-Directory-Forensics are comparing it to the libraries listed below
- Pushes Sysmon Configs☆88Updated 3 years ago
- Memory Baseliner is a script that can compare two windows memory images or perform frequency of occurrence / data stacking analysis on mu…☆52Updated last year
- Active Directory Purple Team Playbook☆106Updated last year
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction☆76Updated last year
- ☆41Updated last year
- ☆72Updated 5 months ago
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- ☆46Updated last week
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆84Updated 7 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆105Updated 3 months ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆65Updated 3 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 7 months ago
- PowerShell tool to triage systems☆12Updated last year
- Full of public notes and Utilities☆98Updated last month
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆114Updated last year
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated 3 weeks ago
- Bloodhound Portable for Windows☆51Updated last year
- Get-MiniTimeline - Triage Collection and Timeline Generation w/ KAPE☆29Updated 9 months ago
- Baseline a Windows System against LOLBAS☆25Updated 10 months ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Updated 3 years ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆93Updated last year
- ☆41Updated 3 years ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated last month
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- ☆86Updated last year
- ☆61Updated last year
- Recycle bin artifact parser☆44Updated last month
- Community Tasks/Plans for PlumHound Queueing☆23Updated 2 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- ESXi Cyber Security Incident Response Script☆23Updated 6 months ago