microsoft / SecCon-Framework
Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s not always obvious which permutations of policies are required to implement a complete scenario, and there are often unintended consequences of some security lockdowns. The SECCON Baselines divide configuratio…
☆283 Updated 3 years ago
Alternatives and similar repositories for SecCon-Framework
Users that are interested in SecCon-Framework are comparing it to the libraries listed below
- MDATP ☆457 Updated last year
- Windows OS Hardening with PowerShell DSC ☆288 Updated 2 years ago
- Creating a hardened "Blue Forest" with Server 2016/2019 Domain Controllers ☆265 Updated last year
- Contact: CRT@crowdstrike.com ☆747 Updated 2 years ago
- Building environments to replicate small networks and deploy applications ☆331 Updated 11 months ago
- Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab. ☆577 Updated 11 months ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc… ☆454 Updated 2 years ago
- Microsoft Sentinel SOC Operations ☆264 Updated last year
- KQL queries for Advanced Hunting ☆176 Updated 5 years ago
- Get started fast with a built out lab, built from scratch via Azure Resource Manager (ARM) and Desired State Configuration (DSC), to test… ☆238 Updated 5 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic… ☆227 Updated 10 months ago
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention. ☆290 Updated 4 years ago
- PowerShell module for Azure Sentinel ☆233 Updated 3 years ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches ☆910 Updated 9 months ago
- The Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) ☆352 Updated last year
- EventList ☆378 Updated 4 years ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of… ☆276 Updated 4 years ago
- PowerShell for CrowdStrike's OAuth2 APIs ☆443 Updated this week
- A collection of scripts and works related to Azure Sentinel ☆41 Updated 3 years ago
- Various tools used to monitor and troubleshoot Azure Sentinel data ☆31 Updated last year
- Repository with Sample KQL Query examples for Threat Hunting ☆217 Updated 3 years ago
- ☆121 Updated last month
- A PowerShell script that automates the security assessment of Microsoft 365 environments. ☆643 Updated 8 months ago
- Timeline of Active Directory changes with replication metadata ☆520 Updated 9 months ago
- Robust and practical application control for Windows ☆675 Updated 3 years ago
- M365 MDATP Live Response sample scripts ☆82 Updated last year
- Tooling for assessing an Azure AD tenant state and configuration ☆822 Updated last year
- Credit to Helge Klein - https://helgeklein.com/blog/2015/02/creating-realistic-test-user-accounts-active-directory/ ☆99 Updated 5 years ago
- Collect / retrieve Office365, AzureAD and DLP audit logs and output to PRTG, Azure Log Analytics Workspace, SQL, Graylog, Fluentd, and/or… ☆117 Updated last year
- The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) ☆264 Updated 3 years ago