j91321 / ansible-role-sysmonLinks
Ansible role for installing Sysmon with popular config files included.
☆25Updated 2 years ago
Alternatives and similar repositories for ansible-role-sysmon
Users that are interested in ansible-role-sysmon are comparing it to the libraries listed below
Sorting:
- ☆42Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- ☆43Updated 4 years ago
- Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …☆36Updated 3 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆94Updated 3 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…☆14Updated 2 years ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.☆33Updated last year
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago
- A tool to modify timestamps in a packet capture to a user selected date☆31Updated 4 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago
- Kerberoast Detection Script☆30Updated 9 months ago
- Monitor your PingCastle scans to highlight the rule diff between two scans☆117Updated 2 weeks ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- This script validates the most common Conditional Access policies in Microsoft 365.☆10Updated last year
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Updated 2 years ago
- Azure AD Incident Response☆26Updated 3 years ago
- Threat Mitigation Strategies☆25Updated last week
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…�☆55Updated 2 years ago
- ☆23Updated 5 months ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆55Updated 2 months ago
- Analyze Windows Firewall outbound blocks and selectively allow traffic☆68Updated 2 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆29Updated 2 months ago
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated 2 years ago
- ☆53Updated 4 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆110Updated last week
- Presentations from Conferences☆29Updated 11 months ago
- Powershell Event Tracing Toolbox☆77Updated 3 years ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆71Updated 8 months ago