biffalo/easy-wins-endpoint-defense external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

biffalo/easy-wins-endpoint-defense

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/biffalo/easy-wins-endpoint-defense)

Close

biffalo / easy-wins-endpoint-defenseView on GitHubMore

• External links
• Readme badge

Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endpoints.

☆38Apr 5, 2024Updated 2 years ago

Alternatives and similar repositories for easy-wins-endpoint-defense

Users that are interested in easy-wins-endpoint-defense are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• herbiezimmerman / Windows-Event-Logs-With-Event-IDs

  View on GitHub
  A running list of Windows sources and the related event ids.
  ☆19Aug 2, 2023Updated 2 years ago
• keydet89 / Events-Ripper

  View on GitHub
  Project based on RegRipper, to extract add'l value/pivot points from TLN events file
  ☆89Feb 9, 2025Updated last year
• mdsecactivebreach / PleasantTools

  View on GitHub
  Tools for Attacking Pleasant Password Server
  ☆23Sep 19, 2023Updated 2 years ago
• RAB301000001C3 / PCAPEXTRACT

  View on GitHub
  Packet Analysis on Steroids
  ☆13Oct 20, 2022Updated 3 years ago
• petebryan / blue_team_con

  View on GitHub
  ☆17Aug 27, 2022Updated 3 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• CiscoSE / SnortBlocklistImporter

  View on GitHub
  This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu…
  ☆11May 22, 2023Updated 2 years ago
• jstrosch / subcrawl

  View on GitHub
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆56Dec 5, 2024Updated last year
• brianreitz / awesome-blueteam

  View on GitHub
  A list of resources to build a information security team.
  ☆15Feb 10, 2021Updated 5 years ago
• EmissarySpider / ransomware-descendants

  View on GitHub
  A repository dedicated to tracking ransomware families based on leaked builders.
  ☆22Apr 17, 2024Updated 2 years ago
• elementalsouls / DumpLSASS

  View on GitHub
  ☆33Feb 27, 2024Updated 2 years ago
• SigmaHQ / pySigma-backend-insightidr

  View on GitHub
  ☆16Aug 29, 2025Updated 7 months ago
• archanchoudhury / Threat-Hunting

  View on GitHub
  This Repository gives the best and possible strategies against hunting the ransomware
  ☆26Aug 23, 2022Updated 3 years ago
• globecyber / Infornito

  View on GitHub
  Extract forensic interesting information from Chrome, Firefox, Safari browsers ...
  ☆27May 11, 2019Updated 6 years ago
• blackhillsinfosec / EventLogging

  View on GitHub
  Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
  ☆488Nov 21, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• weslambert / velocistack

  View on GitHub
  ☆54May 14, 2024Updated last year
• accuknox / k8sthreatmodeling

  View on GitHub
  Threat Modeling (based on STRIDE approach) for Kubernetes systems.
  ☆26Oct 14, 2024Updated last year
• jgasmussen / Case_Notes.py

  View on GitHub
  Case_Notes.py is a cross-platform (Windows, macOS, & Linux) python script to help make the documentation process easier.
  ☆26Jun 24, 2023Updated 2 years ago
• Tatsuya-hasegawa / MSTICPy_utils

  View on GitHub
  my MSTICpy practice and custom tools repository
  ☆11Apr 23, 2025Updated 11 months ago
• ail-project / ail-feeder-telegram

  View on GitHub
  External telegram feeder for AIL framework
  ☆18Jan 21, 2026Updated 2 months ago
• RustyNoob-619 / YARA

  View on GitHub
  Everything related to YARA
  ☆16Feb 19, 2026Updated 2 months ago
• blueteamvillage / Project-Obsidian-DC30

  View on GitHub
  ☆41May 22, 2024Updated last year
• larryhastings / pyweek24

  View on GitHub
  PyWeek #24 entry for Dan and Larry
  ☆20Feb 13, 2018Updated 8 years ago
• 0xMuhannad / ThreatScanner

  View on GitHub
  multi-threaded script uses VirusTotal and AbuseIPDB APIs and generate an excel with all needed data
  ☆10Mar 14, 2023Updated 3 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• mubix / windows-hardening

  View on GitHub
  Because I can't find scripts to do this anywhere else...
  ☆26Dec 27, 2016Updated 9 years ago
• idnahacks / GoodHound

  View on GitHub
  Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
  ☆485Jul 9, 2024Updated last year
• invictus-ir / ALFA

  View on GitHub
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆176Mar 2, 2026Updated last month
• Mhackiori / AGIR

  View on GitHub
  Automating Cyber Threat Intelligence Reporting with Natural Language Generation
  ☆15Jan 24, 2024Updated 2 years ago
• bvoris / mitreattackthreatmodeling

  View on GitHub
  This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework
  ☆30Jan 7, 2026Updated 3 months ago
• eric-erki / threat-INTel

  View on GitHub
  Archive of publicly available threat INTel reports (mostly APT Reports but not limited to).
  ☆11Sep 30, 2018Updated 7 years ago
• Hexastrike / Slasher

  View on GitHub
  Bulk indicator VirusTotal lookups supporting file hashes, domains and IPs.
  ☆13May 28, 2025Updated 10 months ago
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆165Nov 25, 2025Updated 4 months ago
• cyb3rmik3 / MDE-DFIR-Resources

  View on GitHub
  A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as …
  ☆456Feb 18, 2026Updated 2 months ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• wand3rlust / Hitchhikers-Guide-to-URL-Analysis

  View on GitHub
  Collection of Tools & Techniques for analyzing URLs
  ☆32Oct 1, 2023Updated 2 years ago
• eshlomo1 / Ransomware-NOTE

  View on GitHub
  All about ransomware notes and extension files.
  ☆14Aug 26, 2023Updated 2 years ago
• reprise99 / 4688-sysmon

  View on GitHub
  ☆60Jun 24, 2023Updated 2 years ago
• Bournemouth2600 / Detection-Engineering-Intro

  View on GitHub
  An introduction to detection engineering
  ☆14Jan 3, 2025Updated last year
• bluecapesecurity / drivefs_forensic_extractor

  View on GitHub
  Forensic tool for extracting and analyzing Google DriveFS cached files and metadata.
  ☆20May 9, 2025Updated 11 months ago
• davidism / mcafee-epo

  View on GitHub
  Python client for McAfee ePolicy Orchestrator
  ☆15Mar 12, 2021Updated 5 years ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆646Jun 19, 2024Updated last year