Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endpoints. ☆38 · Apr 5, 2024 · Updated 2 years ago
Alternatives and similar repositories for easy-wins-endpoint-defense
Users that are interested in easy-wins-endpoint-defense are comparing it to the libraries listed below.
- A running list of Windows sources and the related event ids. ☆19 · Aug 2, 2023 · Updated 2 years ago
- Project based on RegRipper, to extract additional value/pivot points from a TLN events file. ☆90 · Feb 9, 2025 · Updated last year
- Tools for Attacking Pleasant Password Server ☆23 · Sep 19, 2023 · Updated 2 years ago
- Packet Analysis on Steroids ☆14 · Oct 20, 2022 · Updated 3 years ago
- ☆17 · Aug 27, 2022 · Updated 3 years ago
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu… ☆11 · May 22, 2023 · Updated 3 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆56 · Dec 5, 2024 · Updated last year
- A list of resources to build an information security team. ☆16 · Feb 10, 2021 · Updated 5 years ago
- A repository dedicated to tracking ransomware families based on leaked builders. ☆22 · Apr 17, 2024 · Updated 2 years ago
- ☆34 · Feb 27, 2024 · Updated 2 years ago
- ☆16 · Aug 29, 2025 · Updated 9 months ago
- This repository collects the best available strategies for hunting ransomware. ☆26 · Aug 23, 2022 · Updated 3 years ago
- Extract forensically interesting information from Chrome, Firefox, Safari browsers ... ☆27 · May 11, 2019 · Updated 7 years ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment. ☆487 · Nov 21, 2024 · Updated last year
- ☆54 · May 14, 2024 · Updated 2 years ago
- Threat Modeling (based on STRIDE approach) for Kubernetes systems. ☆26 · Oct 14, 2024 · Updated last year
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) Python script to help make the documentation process easier. ☆26 · Jun 24, 2023 · Updated 2 years ago
- My MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- External telegram feeder for AIL framework ☆19 · Jan 21, 2026 · Updated 4 months ago
- Everything related to YARA ☆16 · Apr 18, 2026 · Updated last month
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises. ☆35 · Jan 9, 2025 · Updated last year
- ☆41 · May 22, 2024 · Updated 2 years ago
- PyWeek #24 entry for Dan and Larry ☆20 · Feb 13, 2018 · Updated 8 years ago
- Multi-threaded script that uses the VirusTotal and AbuseIPDB APIs and generates an Excel workbook with all needed data. ☆10 · Mar 14, 2023 · Updated 3 years ago
- Because I can't find scripts to do this anywhere else... ☆26 · Dec 27, 2016 · Updated 9 years ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation. ☆487 · Jul 9, 2024 · Updated last year
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆181 · Mar 2, 2026 · Updated 2 months ago
- Automating Cyber Threat Intelligence Reporting with Natural Language Generation ☆15 · Jan 24, 2024 · Updated 2 years ago
- This provides a guided step-by-step walkthrough for threat modeling with the MITRE ATT&CK Framework. ☆30 · Jan 7, 2026 · Updated 4 months ago
- Archive of publicly available threat intel reports (mostly APT reports but not limited to). ☆11 · Sep 30, 2018 · Updated 7 years ago
- A repository of my own Sigma detection rules. ☆165 · Nov 25, 2025 · Updated 6 months ago
- Bulk indicator VirusTotal lookups supporting file hashes, domains and IPs. ☆13 · May 28, 2025 · Updated last year
- Collection of Tools & Techniques for analyzing URLs ☆33 · Oct 1, 2023 · Updated 2 years ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … ☆467 · Feb 18, 2026 · Updated 3 months ago
- All about ransomware notes and extension files. ☆14 · Aug 26, 2023 · Updated 2 years ago
- ☆61 · Jun 24, 2023 · Updated 2 years ago
- An introduction to detection engineering ☆14 · Jan 3, 2025 · Updated last year
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ☆20 · May 9, 2025 · Updated last year
- Python client for McAfee ePolicy Orchestrator ☆15 · Mar 12, 2021 · Updated 5 years ago