lordsaibat / finding_windows_privilegesLinks
Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compromise if not evaluated. Privileges can override permission causing a gap of perceived effective permission.
☆10Updated 7 years ago
Alternatives and similar repositories for finding_windows_privileges
Users that are interested in finding_windows_privileges are comparing it to the libraries listed below
Sorting:
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated 2 years ago
- OSSEM Modular☆27Updated 5 years ago
- Set of ultra technical notes about AD☆18Updated 7 years ago
- Detect possible sysmon logging bypasses given a specific configuration☆111Updated 6 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Updated 4 years ago
- ☆52Updated 6 years ago
- BloodHound Data Scanner☆45Updated 5 years ago
- PowerShell Script to facilitate the processing of SRUM data for on-the-fly forensics and if needed threat hunting☆23Updated 5 years ago
- Trace ScriptBlock execution for powershell v2☆40Updated 5 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- Get all AD objects which are hidden from you☆18Updated 8 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Automated forensics written in PowerShell☆34Updated 5 years ago
- Obtains a list of GPOs based on known Client Side Extensions (CSE) that normally contain passwords☆33Updated 6 years ago
- Event metadata collected across all manifest-based ETW providers on Window 10 1903☆31Updated 5 years ago
- PowerShellMethodAuditor listens to the PowerShell ETW provider and logs PowerShell method invocations.☆38Updated 7 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo…☆51Updated 6 years ago
- A Windows REG file to enable all default PowerShell logging on a system with PowerShell v5 installed☆16Updated 9 years ago
- Presentation Slides☆26Updated 6 years ago
- Threat Mitigation Strategies☆25Updated 3 weeks ago
- Splunk App to assist Sysmon Threat Hunting☆38Updated 8 years ago
- A PowerShell script to parse the docx/docm file format and update the template location.☆17Updated 5 years ago
- A simple utility to check the status of and/or disable SMBv1 on Windows system via Cb Response's Live Response functionality.☆15Updated 6 years ago
- A companion tool for BloodHound offering Active Directory statistics and number crunching☆64Updated 7 years ago
- ☆32Updated 9 months ago
- ☆18Updated 6 years ago
- Set of utilities for getting information about Windows Events☆15Updated 7 years ago
- Crack your macros like the math pros.☆33Updated 8 years ago
- Microsoft Flow Attack Framework☆23Updated 5 years ago
- B-Sides CBR 2018 talk about group policy and Grouper☆38Updated 6 years ago