p0w3rsh3ll / SEC505
☆49Updated 4 years ago
Alternatives and similar repositories for SEC505:
Users that are interested in SEC505 are comparing it to the libraries listed below
- A series of scripts☆98Updated 3 years ago
- ☆111Updated 5 years ago
- ☆41Updated last year
- A WDAC configuration repository with the sole intention of enriching MDE☆28Updated 2 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆90Updated 3 years ago
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆83Updated last year
- ☆72Updated 4 months ago
- Pushes Sysmon Configs☆89Updated 3 years ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated last year
- Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.☆40Updated 4 years ago
- ☆60Updated 3 years ago
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆13Updated 4 years ago
- Microsoft Threat Protection Advance Hunting Cheat Sheet☆79Updated 4 years ago
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆49Updated last year
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…☆39Updated 4 years ago
- Azure Sentinel Template parser☆16Updated 4 years ago
- Advanced Hunting Queries for Microsoft Security Products☆106Updated 2 years ago
- Automation around Entra ID☆35Updated 3 months ago
- A tiny tool built to help AD Admins tame the Protected Users group.☆45Updated last month
- Community Tasks/Plans for PlumHound Queueing☆23Updated 2 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- List of PowerShell commands and commandlets that should be in your Powershel watchlist☆37Updated 3 years ago
- Powershell Event Tracing Toolbox☆74Updated 2 years ago
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defe…☆39Updated 3 years ago
- MDE relies on some of the Audit settings to be enabled☆97Updated 2 years ago
- PowerShell module for SentinelOne API☆65Updated last year
- Build a domain with three quick PowerShell scripts!☆29Updated 4 years ago
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆90Updated last year