lordsaibat / finding_windows_privilegesLinks
Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compromise if not evaluated. Privileges can override permission causing a gap of perceived effective permission.
☆10Updated 7 years ago
Alternatives and similar repositories for finding_windows_privileges
Users that are interested in finding_windows_privileges are comparing it to the libraries listed below
Sorting:
- OSSEM Modular☆27Updated 5 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated 2 years ago
- ☆52Updated 7 years ago
- Set of ultra technical notes about AD☆18Updated 7 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆38Updated 8 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆110Updated 6 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Updated 4 years ago
- A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.☆15Updated 6 years ago
- BloodHound Data Scanner☆45Updated 5 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- Get all AD objects which are hidden from you☆18Updated 8 years ago
- ☆33Updated 10 months ago
- ☆18Updated 6 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 9 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- A PowerShell script to parse the docx/docm file format and update the template location.☆17Updated 5 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Updated 5 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆31Updated 5 years ago
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Updated 5 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆50Updated 6 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆87Updated 8 years ago
- Repository for all cbapi example scripts☆16Updated 7 years ago
- gpocheck☆30Updated last year
- Python parser for Red Canary's Atomic Red Team Yamls☆27Updated 6 years ago
- B-Sides CBR 2018 talk about group policy and Grouper☆38Updated 6 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago
- Powershell / C# based cross platform forensic framework based for live incident response☆23Updated 5 years ago