microsoft / SecCon-Framework
Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s not always obvious which permutations of policies are required to implement a complete scenario, and there are often unintended consequences of some security lockdowns. The SECCON Baselines divide configuratio…
☆281 Updated 2 years ago
Alternatives and similar repositories for SecCon-Framework:
Users that are interested in SecCon-Framework are comparing it to the libraries listed below
- MDATP ☆459 Updated 8 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches ☆817 Updated 2 weeks ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc… ☆432 Updated last year
- Microsoft Sentinel SOC Operations ☆251 Updated 8 months ago
- Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab. ☆564 Updated last month
- Windows OS Hardening with PowerShell DSC ☆276 Updated last year
- Get started fast with a built out lab, built from scratch via Azure Resource Manager (ARM) and Desired State Configuration (DSC), to test… ☆235 Updated 4 years ago
- Contact: CRT@crowdstrike.com ☆715 Updated last year
- Building environments to replicate small networks and deploy applications ☆321 Updated last month
- Tooling for assessing an Azure AD tenant state and configuration ☆777 Updated 9 months ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic… ☆216 Updated last month
- KQL queries for Advanced Hunting ☆171 Updated 5 years ago
- EventList ☆373 Updated 4 years ago
- A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur… ☆560 Updated 3 months ago
- Robust and practical application control for Windows ☆623 Updated 2 years ago
- This script will enable you to reset the krbtgt account password and related keys while minimizing the likelihood of Kerberos authenticat… ☆416 Updated last year
- PowerShell module for Azure Sentinel ☆234 Updated 2 years ago
- The Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) ☆321 Updated 9 months ago
- A PowerShell script that automates the security assessment of Microsoft 365 environments. ☆606 Updated last month
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK ☆1,065 Updated 3 months ago
- Azure Sentinel KQL ☆432 Updated 6 months ago
- PowerShell framework to assess Azure security ☆1,159 Updated 6 months ago
- Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment. ☆478 Updated 4 months ago
- Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft E… ☆897 Updated 2 weeks ago
- Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers ☆263 Updated 5 months ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of… ☆253 Updated 4 years ago
- A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel ☆224 Updated 2 years ago
- PowerShell for CrowdStrike's OAuth2 APIs ☆398 Updated this week
- Deploy customizable Active Directory labs in Azure - automatically. ☆416 Updated 3 months ago
- Timeline of Active Directory changes with replication metadata ☆490 Updated 2 months ago