p0w3rsh3ll / SEC505
☆49Updated 4 years ago
Alternatives and similar repositories for SEC505:
Users that are interested in SEC505 are comparing it to the libraries listed below
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆49Updated last year
- A series of scripts☆98Updated 3 years ago
- ☆41Updated last year
- ☆60Updated 3 years ago
- ☆111Updated 5 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆28Updated 2 years ago
- Useful access control entries (ACE) on system access control list (SACL) of securable objects to find potential adversarial activity☆90Updated 3 years ago
- Little PowerShell module to extract PowerShell scripts that no longer exists on disk but were run and are still in Event Logs.☆40Updated 4 years ago
- ☆72Updated 5 months ago
- This repository was created to aid in the deployment/maintenance of the Sysmon service on a large number of computers.☆82Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 3 years ago
- Automation around Entra ID☆35Updated 3 months ago
- A tiny tool built to help AD Admins tame the Protected Users group.☆45Updated 2 months ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆13Updated 4 years ago
- PowerShell Module for managing Microsoft Defender Advanced Threat Protection☆71Updated 2 years ago
- Hands on lab materials for the PowerShell Security session☆47Updated 5 years ago
- Microsoft Threat Protection Advance Hunting Cheat Sheet☆79Updated 4 years ago
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆91Updated last year
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- MDE relies on some of the Audit settings to be enabled☆97Updated 2 years ago
- A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies☆62Updated last year
- Build a domain with three quick PowerShell scripts!☆29Updated 4 years ago
- Module to update the Krbtgt password☆46Updated last year
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆105Updated 3 months ago
- ☆48Updated 8 months ago
- Defender for Endpoint☆27Updated 8 months ago
- Collection of PowerShell functinos and scripts a Blue Teamer might use☆83Updated last year
- Tony's collection of powershell scripts, typically geared toward cybersec☆32Updated last week
- Microsoft GPO Readiness Lateral Movement Detection Tool☆16Updated 2 years ago
- PowerShell Module to interact with VirusTotal☆119Updated 5 years ago