rootsecdev / Presentations

Related projects ⓘ

Alternatives and complementary repositories for Presentations

• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆99Updated 4 months ago
• reprise99 / 4688-sysmon
  ☆48Updated last year
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.
  ☆112Updated this week
• DebugPrivilege / Research
  Repository that contains random short projects like write-ups, PowerShell scripts, and more.
  ☆26Updated last week
• JeffMichelmore / MDEKit
  ☆40Updated last year
• secureworks / primary-refresh-token-viewer
  ☆11Updated 2 years ago
• Corissalea / KQL-and-Workbooks
  Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!
  ☆20Updated 2 months ago
• FuzzySecurity / SANS-HackFest-2023
  ☆47Updated last year
• secgroundzero / KQL_Reference_Manual
  ☆40Updated 3 years ago
• mr-r3b00t / KQL
  This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet
  ☆10Updated last year
• Bert-JanP / Sentinel-Automation
  Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
  ☆75Updated 3 months ago
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆73Updated this week
• olafhartong / WDACme
  A WDAC configuration repository with the sole intention of enriching MDE
  ☆27Updated last year
• sap8899 / Group3rExplorer
  Fun GUI for Group3rs output log
  ☆26Updated last year
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆36Updated 3 weeks ago
• DefensiveOrigins / DO-LAB
  ☆43Updated last month
• improsec / 2Cloudz
  ☆22Updated 2 years ago
• msdirtbag / ADXFlowmaster
  ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
  ☆27Updated 3 weeks ago
• invictus-ir / Invictus-training
  Repository with supporting materials for Invictus Academy/Training
  ☆36Updated last month
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆79Updated 3 months ago
• biffalo / easy-wins-endpoint-defense
  Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endp…
  ☆38Updated 7 months ago
• GabrielDuschl / Automated-CME-Password-Spraying
  A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…
  ☆14Updated last year
• nicolonsky / AzureAiTMFunction
  Azure AiTM Function PoC to phish Entra ID Credentials
  ☆18Updated last month
• msdirtbag / MicrosoftPurpleTeamToolkit
  ☆41Updated 7 months ago
• SecurityAura / DE-TH-Aura
  Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…
  ☆38Updated 2 weeks ago
• TrimarcJake / PowerPUG
  A tiny tool built to help AD Admins safely utilize the Protected Users group.
  ☆27Updated last week
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 3 months ago
• CTI-Driven / Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project
  This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…
  ☆23Updated this week
• Ocel0tSec / AzureDump
  Powershell Script to enumerate AzureAD and output good data
  ☆14Updated last year
• TrimarcJake / BlueTuxedo
  A tiny tool to find and fix common misconfigurations in Active Directory-integrated DNS
  ☆97Updated last month