cutaway-security / sawhLinks
Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Active Directory Domain and do not require Windows services to function.
☆52Updated 3 years ago
Alternatives and similar repositories for sawh
Users that are interested in sawh are comparing it to the libraries listed below
Sorting:
- ☆72Updated 7 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆43Updated last year
- ☆41Updated 2 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆70Updated 2 years ago
- Run Velociraptor on Security Onion☆37Updated 2 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆41Updated 4 years ago
- Invoke-Forensics provides PowerShell commands to simplify working with the forensic tools KAPE and RegRipper.☆114Updated last year
- Remote access and Antivirus Logging Database☆42Updated last year
- Powershell script for Windows to retrieve the authentication hardening status of DCOM applications☆21Updated 2 years ago
- Defensive Origins Training Schedule☆38Updated last year
- ☆74Updated last year
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆52Updated 2 years ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- A PowerShell incident response script for quick triage☆80Updated 2 years ago
- ☆69Updated last month
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆85Updated last year
- PowerShell scripts for running Magnet RESPONSE forensic collection tool in large enterprises.☆24Updated 4 months ago
- CSIRT Jump Bag☆26Updated last year
- Various PowerShells scripts I've made (or others have made) to automate some of the boring stuff in my everyday DFIR journey!☆46Updated 8 months ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆121Updated 4 years ago
- Defender Resource Hub☆25Updated 2 weeks ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- Azure Sentinel Template parser☆16Updated 4 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- Convert Sigma rules to LogRhythm searches☆21Updated 3 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- CrowdStrike's Open Source Policy & Contribution Guide☆40Updated 2 months ago
- Easily create index of your SANS books☆16Updated 2 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆90Updated this week