nsacyber / PRUNE
Logs key Windows process performance metrics. #nsacyber
☆65Updated last year
Related projects ⓘ
Alternatives and complementary repositories for PRUNE
- Configuration guidance for implementing BitLocker. #nsacyber☆120Updated 5 years ago
- Converts serial IP data, typically collected from Industrial Control System devices, to the more commonly used Packet Capture (PCAP) form…☆72Updated 7 years ago
- Aids in discovering HTTP and HTTPS connectivity issues. #nsacyber☆105Updated 3 years ago
- Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber☆74Updated 8 years ago
- A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mit…☆98Updated 8 years ago
- Guidance for blocking outdated web technologies. #nsacyber☆55Updated 2 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆67Updated last year
- PowerShell Module for automating Tenable Nessus Vulnerability Scanner.☆88Updated last year
- Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework. #nsacyber☆163Updated 4 years ago
- Find accounts using common and default passwords in Active Directory.☆65Updated 5 years ago
- Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber☆198Updated 8 years ago
- Search a filesystem for indicators of compromise (IoC).☆68Updated 2 months ago
- Audix is a PowerShell tool to quickly configure the Windows Event Audit Policies for security monitoring☆117Updated 4 years ago
- ☆49Updated 4 years ago
- Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber☆210Updated 4 years ago
- Collection of resources related to the Center for Threat-Informed Defense☆77Updated 6 months ago
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ…☆50Updated 3 years ago
- Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs☆91Updated 3 years ago
- Sysmon configuration☆66Updated 6 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated last year
- A few scripts I put together for testing purposes and to automate a few capabilities while doing IR. These scripts are also part of my bl…☆53Updated 6 years ago
- PowerShell Module to interact with VirusTotal☆119Updated 4 years ago
- Logmira by Blumira has been created by Amanda Berlin as a helpful download of Microsoft Windows Domain Group Policy Object settings.☆59Updated last month
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆213Updated 2 years ago
- Snapshot, patch, health-check, and potentially roll-back Windows VMs☆34Updated 6 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Expert Investigation Guides☆50Updated 3 years ago