jangeisbauer / gundog
gundog - guided hunting in Microsoft Defender
☆52Updated 3 years ago
Alternatives and similar repositories for gundog:
Users that are interested in gundog are comparing it to the libraries listed below
- Enumerate Microsoft 365 Groups in a tenant with their metadata☆52Updated 4 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 3 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- ☆41Updated 3 years ago
- Random tips and tricks RE: ransomware☆14Updated 3 years ago
- ☆46Updated this week
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Azure AD Incident Response☆25Updated 3 years ago
- ASR Configurator, Essentials and Atomic Testing☆37Updated 4 months ago
- Azure function to insert MISP data in to Azure Sentinel☆31Updated 2 years ago
- Presentations☆17Updated 2 years ago
- ☆41Updated 11 months ago
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel☆34Updated last year
- PowerShell 'Hero': scripts for DFIR and automation with a PowerShell menu example.☆36Updated last year
- ☆41Updated last year
- Community Tasks/Plans for PlumHound Queueing☆23Updated 2 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Jupyter notebooks☆23Updated 4 years ago
- A series of PowerShell scripts to automate collection of forensic artefacts in most Incident Response environments☆65Updated 3 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Updated 3 months ago
- A collection of hunting and blue team scripts. Mostly others, some my own.☆38Updated 2 years ago
- General Content☆23Updated 8 months ago
- ESXi Cyber Security Incident Response Script☆23Updated 6 months ago
- Kerberoast Detection Script☆30Updated 4 months ago
- Windows Security Logging☆43Updated 2 years ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆39Updated 11 months ago
- PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.☆65Updated 3 months ago
- ☆22Updated 2 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 4 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago