Alternatives and similar repositories for ExchangeMarch2021IOCHunt

Users that are interested in ExchangeMarch2021IOCHunt are comparing it to the libraries listed below

• YossiSassi / Get-UserSession
  Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…
  ☆92Updated 3 months ago
• cnotin / m365_groups_enum
  Enumerate Microsoft 365 Groups in a tenant with their metadata
  ☆53Updated 4 years ago
• dwmetz / QuickPcap
  A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.
  ☆40Updated 2 years ago
• jangeisbauer / gundog
  gundog - guided hunting in Microsoft Defender
  ☆52Updated 4 years ago
• eshlomo1 / Azure-AD-Incident-Response
  Azure AD Incident Response
  ☆25Updated 3 years ago
• p0w3rsh3ll / NetCease
  ☆63Updated 4 years ago
• thalpius / Microsoft-Azure-AD-Conditional-Access-Validator
  This script validates the most common Conditional Access policies in Microsoft 365.
  ☆10Updated last year
• DefensiveOrigins / DomainBuildScripts
  Build a domain with three quick PowerShell scripts!
  ☆29Updated 5 years ago
• CompassSecurity / Readinizer
  Microsoft GPO Readiness Lateral Movement Detection Tool
  ☆16Updated 2 years ago
• ZephrFish / NessusPreFlight
  Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to …
  ☆16Updated 2 months ago
• Trimarc / Invoke-TrimarcADChecks
  The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…
  ☆54Updated last year
• davidprowe / AD_Sec_Tools
  ☆115Updated 5 years ago
• rgeoghan / app-password-persistence
  Using Microsoft 365 App Passwords for persistence
  ☆23Updated 4 years ago
• mikoiv / MicrosoftSentinel-ShodanMonitor
  Ingesting Shodan Monitor Alerts to Microsoft Sentinel
  ☆34Updated last year
• humio / security_monitoring
  ☆41Updated 2 years ago
• LaresLLC / SysmonConfigPusher
  Pushes Sysmon Configs
  ☆88Updated 4 years ago
• mandiant / citrix-ioc-scanner-cve-2023-3519
  ☆65Updated last year
• ScarredMonk / PopulateActiveDirectory
  Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …
  ☆35Updated 3 years ago
• drewhjelm / firewall-audit
  ☆17Updated 5 years ago
• p0w3rsh3ll / SEC505
  ☆50Updated 5 years ago
• jakehildreth / adcs-snippets
  Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.
  ☆33Updated last year
• maartengoet / presentations
  Presentations
  ☆17Updated 2 years ago
• EvotecIT / PowerShellManager
  Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.
  ☆41Updated 4 years ago
• DGG-IT / Match-ADHashes
  Builds a hashmap of AD NTLM hashes/usernames and iterates through a second list of hashes checking for the existence of each entry in the…
  ☆77Updated 4 years ago
• ziesemer / ad-privileged-audit
  Provides various Windows Server Active Directory (AD) security-focused reports.
  ☆97Updated 6 months ago
• PlumHound / PlumHound-Tasks
  Community Tasks/Plans for PlumHound Queueing
  ☆23Updated 2 years ago
• hesaad / M365DPlaybooks
  M365 Defender SOC Playbooks
  ☆24Updated 2 years ago
• robwillisinfo / Disable-PSv2
  Disabling PowerShell v2 with Group Policy
  ☆15Updated 3 years ago
• MotiBa / AppLocker
  AppLocker hardening policies
  ☆25Updated 6 years ago
• neKuehn / MADs
  General scripts that gather information out of Active Directory
  ☆16Updated 3 years ago