mr-r3b00t / ExchangeMarch2021IOCHuntLinks
Really fast knock up use at own risk etc.
☆18Updated 4 years ago
Alternatives and similar repositories for ExchangeMarch2021IOCHunt
Users that are interested in ExchangeMarch2021IOCHunt are comparing it to the libraries listed below
Sorting:
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆92Updated 3 months ago
- Enumerate Microsoft 365 Groups in a tenant with their metadata☆53Updated 4 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- gundog - guided hunting in Microsoft Defender☆52Updated 4 years ago
- Azure AD Incident Response☆25Updated 3 years ago
- ☆63Updated 4 years ago
- This script validates the most common Conditional Access policies in Microsoft 365.☆10Updated last year
- Build a domain with three quick PowerShell scripts!☆29Updated 5 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to …☆16Updated 2 months ago
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆54Updated last year
- ☆115Updated 5 years ago
- Using Microsoft 365 App Passwords for persistence☆23Updated 4 years ago
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel☆34Updated last year
- ☆41Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 4 years ago
- ☆65Updated last year
- Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …☆35Updated 3 years ago
- ☆17Updated 5 years ago
- ☆50Updated 5 years ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.☆33Updated last year
- Presentations☆17Updated 2 years ago
- Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.☆41Updated 4 years ago
- Builds a hashmap of AD NTLM hashes/usernames and iterates through a second list of hashes checking for the existence of each entry in the…☆77Updated 4 years ago
- Provides various Windows Server Active Directory (AD) security-focused reports.☆97Updated 6 months ago
- Community Tasks/Plans for PlumHound Queueing☆23Updated 2 years ago
- M365 Defender SOC Playbooks☆24Updated 2 years ago
- Disabling PowerShell v2 with Group Policy☆15Updated 3 years ago
- AppLocker hardening policies☆25Updated 6 years ago
- General scripts that gather information out of Active Directory☆16Updated 3 years ago