nsacyber / PRUNE
Logs key Windows process performance metrics. #nsacyber
☆66Updated 2 years ago
Alternatives and similar repositories for PRUNE:
Users that are interested in PRUNE are comparing it to the libraries listed below
- Configuration guidance for implementing BitLocker. #nsacyber☆120Updated 5 years ago
- A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mit…☆98Updated 8 years ago
- Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber☆76Updated 8 years ago
- Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber☆107Updated 4 years ago
- Search a filesystem for indicators of compromise (IoC).☆70Updated last month
- Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber☆211Updated 3 weeks ago
- Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) form…☆75Updated 7 years ago
- Guidance for blocking outdated web technologies. #nsacyber☆57Updated 3 years ago
- Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber☆163Updated 4 years ago
- ☆30Updated 8 years ago
- PowerShell Module for automating Tenable Nessus Vulnerability Scanner.☆88Updated 2 years ago
- Sysmon configuration☆66Updated 6 years ago
- Identifies unexpected and prohibited certificate authority certificates on Windows systems. #nsacyber☆111Updated 8 years ago
- Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber☆198Updated 8 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber☆401Updated 2 years ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆117Updated 5 years ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆217Updated last month
- Event Logging is an XML Schema for describing the auditable events generated by computer systems, hardware devices and access control sys…☆25Updated 9 months ago
- ☆45Updated 2 years ago
- This is a set of tools for doing forensics analysis on Microsoft ESE databases.☆124Updated 3 years ago
- Sysmon configuration file template with default high-quality event tracing☆17Updated 3 years ago
- Submits multiple domains to VirusTotal API☆60Updated 3 years ago
- PowerShell module for creating and managing Sysinternals Sysmon config files.☆207Updated 4 years ago
- PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts☆56Updated 4 years ago
- Threathunt details for the Solarwinds compromise☆33Updated 3 years ago
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆34Updated 7 years ago
- Registry Explorer bookmark definitions☆41Updated 3 months ago
- ☆77Updated 5 years ago