mdecrevoisier / Windows-WEC-server_auto-deployLinks
PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset
☆22Updated 3 years ago
Alternatives and similar repositories for Windows-WEC-server_auto-deploy
Users that are interested in Windows-WEC-server_auto-deploy are comparing it to the libraries listed below
Sorting:
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.☆55Updated 3 months ago
- A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.☆55Updated 2 years ago
- ☆73Updated 11 months ago
- ☆42Updated 2 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆39Updated 2 years ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE…☆94Updated 2 months ago
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆55Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- ☆42Updated last year
- A repository of Sysmon For Linux configuration modules☆15Updated 3 years ago
- ☆43Updated 4 years ago
- Powershell Event Tracing Toolbox☆77Updated 3 years ago
- Evtx Log (xml) Browser☆56Updated 2 years ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆14Updated 5 years ago
- Some portable tools, some YARA, some Python, and a little bit of love. Not all of these tools can be used in incident response. Use PEs…☆39Updated 4 months ago
- ESXi Cyber Security Incident Response Script☆25Updated last year
- Ansible role for installing Sysmon with popular config files included.☆25Updated 2 years ago
- AppLocker hardening policies☆25Updated 7 years ago
- ☆66Updated 2 years ago
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆95Updated last month
- Scripts and a short guide for using them to tier an Active Directory. Made for BSides Copenhagen 2024☆38Updated 10 months ago
- ☆53Updated 3 weeks ago
- A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.☆27Updated 3 years ago
- MDE relies on some of the Audit settings to be enabled☆99Updated 3 years ago
- Monitor your PingCastle scans to highlight the rule diff between two scans☆117Updated 3 weeks ago
- Kerberoast Detection Script☆30Updated 10 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆110Updated last month
- Slides of my public talks☆56Updated last year
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆94Updated 6 months ago
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar…☆33Updated 5 months ago