nsacyber / PRUNE
Logs key Windows process performance metrics. #nsacyber
☆66Updated 2 years ago
Alternatives and similar repositories for PRUNE:
Users that are interested in PRUNE are comparing it to the libraries listed below
- Configuration guidance for implementing BitLocker. #nsacyber☆120Updated 5 years ago
- Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber☆106Updated 3 years ago
- Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber☆211Updated 5 years ago
- Sysmon configuration☆66Updated 6 years ago
- Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber☆75Updated 8 years ago
- Guidance for blocking outdated web technologies. #nsacyber☆55Updated 3 years ago
- Submits multiple domains to VirusTotal API☆60Updated 3 years ago
- AdmPwd.E client and support tools☆31Updated 4 years ago
- Search a filesystem for indicators of compromise (IoC).☆69Updated 5 months ago
- Registry Explorer bookmark definitions☆41Updated last month
- Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) form…☆75Updated 7 years ago
- ☆30Updated 8 years ago
- PowerShell Module to interact with VirusTotal☆119Updated 5 years ago
- Mapping your datasources and detections to the MITRE ATT&CK Navigator framework.☆57Updated 4 years ago
- Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber☆198Updated 8 years ago
- A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mit…☆98Updated 8 years ago
- PowerShell Module for automating Tenable Nessus Vulnerability Scanner.☆88Updated 2 years ago
- Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber☆111Updated 8 years ago
- Just random powershell things I've put together.☆38Updated 4 years ago
- Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber☆398Updated 2 years ago
- Powering Up Incident Response with Power-Response☆63Updated 4 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- This repository is created to add value to existing Network Security Monitoring solutions.☆42Updated 8 years ago
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆54Updated 7 years ago
- Invoke-LiveResponse☆146Updated 2 years ago
- Collection of resources related to the Center for Threat-Informed Defense☆77Updated 8 months ago
- Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber☆163Updated 4 years ago
- Sysmon configuration file template with default high-quality event tracing☆17Updated 3 years ago
- Command line access to the Registry☆135Updated last week
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆123Updated 2 years ago