alpha-08 / ADInsight
This tool can gather a lot of info without any defender alerts. It is useful for Penetration testers, SOC Analysts, System administrators depends how they use it
☆28Updated 2 weeks ago
Alternatives and similar repositories for ADInsight:
Users that are interested in ADInsight are comparing it to the libraries listed below
- ResearchDev - XDR & SIEM Detection☆64Updated last week
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 11 months ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆25Updated 5 months ago
- Collection of different Azure/Entra focused solutions (Deployable templates, Function Apps, etc)☆65Updated 2 weeks ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆72Updated this week
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- Scripts and piece of codes used for Active Directory configuration☆84Updated 2 years ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆29Updated this week
- CarbonBlack EDR detection rules and response actions☆71Updated 7 months ago
- ☆44Updated last year
- ☆62Updated last year
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆30Updated 3 weeks ago
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.☆101Updated 7 months ago
- Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.☆20Updated 3 months ago
- MS Graph Commands and Tools for Blue Teamers☆49Updated last year
- Hunting Queries for Defender ATP☆81Updated last week
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆92Updated 2 weeks ago
- Presentations from Conferences☆29Updated 7 months ago
- This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet☆12Updated last month
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024☆38Updated 5 months ago
- M365 Defender SOC Playbooks☆23Updated 2 years ago
- AD Lab Setup Scripts☆67Updated last week
- Security Scripts and Sources for daily usage.☆58Updated 2 weeks ago
- ☆47Updated last week
- Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…☆38Updated last year
- ☆74Updated 3 weeks ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆23Updated 2 weeks ago
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Respons…☆54Updated 6 months ago
- Assess Windows OS for security misconfigurations and hardening opportunities.☆31Updated 9 months ago
- This tool parses Windows EVTX logs to extract login and logout sessions from a security.evtx file. It uses a Tkinter GUI to let you selec…☆32Updated 2 months ago