alpha-08 / ADInsight
ADInsight gathers a large amount of Active Directory information without triggering defender alerts. It is useful for penetration testers, SOC analysts, and system administrators, depending on how they use it.
☆28, updated 3 months ago
Related projects
Alternatives and complementary repositories for ADInsight
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve… ☆38, updated 2 weeks ago
- Scripts and pieces of code used for Active Directory configuration ☆81, updated last year
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plans and so on ☆81, updated 6 months ago
- MS Graph commands and tools for blue teamers ☆48, updated last year
- ResearchDev: XDR & SIEM detection ☆62, updated this week
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their… ☆23, updated 2 months ago
- Hunting queries for Defender ATP ☆73, updated this week
- Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more ☆75, updated 3 months ago
- PowerShell script designed to help incident responders collect forensic evidence from local and remote Windows devices ☆91, updated 2 months ago
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory ☆151, updated 2 months ago
- PowerShell tools used for red teaming / pentesting ☆74, updated 10 months ago
- The ultimate solution for remotely deploying CrowdStrike sensors quickly and discreetly on any other EDR platform ☆22, updated 2 months ago
- M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry ☆111, updated this week
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T… ☆14, updated last year
- Completely Risky Active-Directory Simulation Hub ☆99, updated last year
- List of Command & Control (C2) software ☆34, updated 2 years ago
- A really good DFIR automation for collecting and analyzing evidence, designed for cybersecurity professionals ☆148, updated 6 months ago
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp… ☆38, updated 7 months ago
- This repository collects strategies for hunting ransomware ☆24, updated 2 years ago
- Presentations from conferences ☆26, updated 2 months ago
- This repository contains a comprehensive test suite designed for evaluating the performance and resilience of Endpoint Detection and Respons… ☆46, updated last month
- Identify the accounts most vulnerable to dictionary attacks ☆95, updated 3 months ago
- Carbon Black EDR detection rules and response actions ☆71, updated 2 months ago
- Default detections for EDR ☆94, updated 9 months ago