Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endpoints.
☆38 · Apr 5, 2024 · Updated last year
Alternatives and similar repositories for easy-wins-endpoint-defense
Users that are interested in easy-wins-endpoint-defense are comparing it to the libraries listed below.
- A running list of Windows sources and the related event IDs. ☆19 · Aug 2, 2023 · Updated 2 years ago
- Project based on RegRipper, to extract additional value/pivot points from a TLN events file. ☆89 · Feb 9, 2025 · Updated last year
- Packet Analysis on Steroids. ☆13 · Oct 20, 2022 · Updated 3 years ago
- ☆17 · Aug 27, 2022 · Updated 3 years ago
- A list of resources to build an information security team. ☆14 · Feb 10, 2021 · Updated 5 years ago
- This is a script to import Cisco Talos's IP Blacklist into a Tag (Host Group) within Stealthwatch. This will also optionally create a Cu… ☆11 · May 22, 2023 · Updated 2 years ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆55 · Dec 5, 2024 · Updated last year
- ☆33 · Feb 27, 2024 · Updated 2 years ago
- ☆16 · Aug 29, 2025 · Updated 7 months ago
- Extract forensically interesting information from Chrome, Firefox, Safari browsers ... ☆27 · May 11, 2019 · Updated 6 years ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment. ☆487 · Nov 21, 2024 · Updated last year
- ☆54 · May 14, 2024 · Updated last year
- Threat Modeling (based on the STRIDE approach) for Kubernetes systems. ☆25 · Oct 14, 2024 · Updated last year
- Case_Notes.py is a cross-platform (Windows, macOS, & Linux) Python script to help make the documentation process easier. ☆26 · Jun 24, 2023 · Updated 2 years ago
- My MSTICpy practice and custom tools repository. ☆11 · Apr 23, 2025 · Updated 11 months ago
- External Telegram feeder for the AIL framework. ☆18 · Jan 21, 2026 · Updated 2 months ago
- PowerShell scripts for running the Magnet RESPONSE forensic collection tool in large enterprises. ☆31 · Jan 9, 2025 · Updated last year
- Everything related to YARA. ☆16 · Feb 19, 2026 · Updated last month
- ☆41 · May 22, 2024 · Updated last year
- PyWeek #24 entry for Dan and Larry. ☆20 · Feb 13, 2018 · Updated 8 years ago
- Multi-threaded script that uses the VirusTotal and AbuseIPDB APIs and generates an Excel workbook with all needed data. ☆10 · Mar 14, 2023 · Updated 3 years ago
- Because I can't find scripts to do this anywhere else... ☆26 · Dec 27, 2016 · Updated 9 years ago
- Uses SharpHound, BloodHound and Neo4j to produce an actionable list of attack paths for targeted remediation. ☆484 · Jul 9, 2024 · Updated last year
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆174 · Mar 2, 2026 · Updated 3 weeks ago
- This provides a guided step-by-step walkthrough for threat modeling with the MITRE ATT&CK Framework. ☆30 · Jan 7, 2026 · Updated 2 months ago
- Archive of publicly available threat intel reports (mostly APT reports, but not limited to them). ☆11 · Sep 30, 2018 · Updated 7 years ago
- Bulk indicator VirusTotal lookups supporting file hashes, domains and IPs. ☆13 · May 28, 2025 · Updated 10 months ago
- A repository of my own Sigma detection rules. ☆164 · Nov 25, 2025 · Updated 4 months ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … ☆454 · Feb 18, 2026 · Updated last month
- Collection of tools & techniques for analyzing URLs. ☆33 · Oct 1, 2023 · Updated 2 years ago
- All about ransomware notes and extension files. ☆14 · Aug 26, 2023 · Updated 2 years ago
- ☆60 · Jun 24, 2023 · Updated 2 years ago
- An introduction to detection engineering. ☆14 · Jan 3, 2025 · Updated last year
- Forensic tool for extracting and analyzing Google DriveFS cached files and metadata. ☆20 · May 9, 2025 · Updated 10 months ago
- Python client for McAfee ePolicy Orchestrator. ☆15 · Mar 12, 2021 · Updated 5 years ago
- Collection of Event ID resources useful for Digital Forensics and Incident Response. ☆643 · Jun 19, 2024 · Updated last year
- Presentations from conferences. ☆31 · Sep 14, 2024 · Updated last year
- Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers. ☆270 · Feb 12, 2026 · Updated last month
- CSIRT Jump Bag. ☆27 · Apr 25, 2024 · Updated last year