nsacyber / PRUNE
Logs key Windows process performance metrics. #nsacyber
☆66Updated 2 years ago
Alternatives and similar repositories for PRUNE:
Users that are interested in PRUNE are comparing it to the libraries listed below
- Configuration guidance for implementing BitLocker. #nsacyber☆120Updated 5 years ago
- Guidance for blocking outdated web technologies. #nsacyber☆57Updated 3 years ago
- Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) form…☆75Updated 7 years ago
- Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber☆108Updated 4 years ago
- Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber☆76Updated 8 years ago
- A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mit…☆99Updated 8 years ago
- Search a filesystem for indicators of compromise (IoC).☆71Updated 2 months ago
- Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber☆112Updated 8 years ago
- Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber☆212Updated last month
- Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber☆163Updated 4 years ago
- Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber☆199Updated 8 years ago
- Detects Windows and Linux systems with enabled Trusted Platform Modules (TPM) vulnerable to CVE-2017-15361. #nsacyber☆55Updated 6 years ago
- WALKOFF-enabled applications. #nsacyber☆144Updated 6 years ago
- Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber☆402Updated 2 years ago
- Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs☆92Updated 3 years ago
- Collection of resources related to the Center for Threat-Informed Defense☆77Updated 11 months ago
- Threathunt details for the Solarwinds compromise☆33Updated 3 years ago
- PowerShell Module for automating Tenable Nessus Vulnerability Scanner.☆88Updated 2 years ago
- ☆30Updated 8 years ago
- The Binary Analysis Metadata tool gathers information about Windows binaries to aid in their analysis. #nsacyber☆158Updated 11 months ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆53Updated 2 years ago
- Sysmon configuration☆65Updated 6 years ago
- ☆45Updated 2 years ago
- Event Logging is an XML Schema for describing the auditable events generated by computer systems, hardware devices and access control sys…☆26Updated this week
- Invoke-LiveResponse☆147Updated 3 years ago
- Registry Explorer bookmark definitions☆41Updated 4 months ago
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆34Updated 7 years ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆124Updated 3 years ago
- Report Generation from the Carbon Black REST API☆15Updated 3 years ago