mdecrevoisier / Windows-auditing-baseline
Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS.
☆28 Updated 8 months ago
Related projects:
- Slides of my public talks ☆46 Updated 9 months ago
- Library of threat hunts to get any user started! ☆40 Updated 4 years ago
- ESXi Cyber Security Incident Response Script ☆19 Updated 2 weeks ago
- Assist analysts and threat hunters to understand Windows authentication logs and to analyze brute-force scenarios. ☆18 Updated last year
- Incident Response Report Using GitHub-Sphinx ☆19 Updated 4 years ago
- Azure function to insert MISP data into Azure Sentinel ☆30 Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX. ☆15 Updated 6 months ago
- ☆42 Updated 3 months ago
- General Content ☆19 Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆47 Updated 2 weeks ago
- PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset ☆21 Updated 2 years ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365 ☆18 Updated 6 months ago
- ASR Configurator, Essentials and Atomic Testing ☆32 Updated 3 weeks ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…