List of PowerShell commands and commandlets that should be in your Powershel watchlist
☆39Jul 22, 2021Updated 4 years ago
Alternatives and similar repositories for PowerShellWatchlist
Users that are interested in PowerShellWatchlist are comparing it to the libraries listed below
Sorting:
- Export MISP attributes in Yara☆12Sep 15, 2017Updated 8 years ago
- ☆53Aug 22, 2021Updated 4 years ago
- LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network☆74Jul 9, 2019Updated 6 years ago
- Pwnage☆17Jul 1, 2025Updated 8 months ago
- YARA duplicate rule detection and removal. YARA rule index creation. YARA rule file merger.☆10Jan 19, 2026Updated 2 months ago
- Automate Windows Defender STIG to 100% Compliance☆19Jul 26, 2024Updated last year
- Audit Powershell and search from known keywords in history #Blueteam☆25Apr 22, 2020Updated 5 years ago
- PowerShell script for hardening GE digital CIMPLICITY servers☆23Aug 12, 2021Updated 4 years ago
- Windows eventlog formatting, live fetching and querying utility in C☆20May 26, 2020Updated 5 years ago
- Materials for AWS Training☆15Jul 21, 2021Updated 4 years ago
- Hunt for Keywords , Mutex, Windows Event,Registry Keys,Process,Schedule tasks in Windows Machine☆22Dec 8, 2024Updated last year
- ASN.1 parser used by PeNet do parse Authenticode signatures☆14Apr 11, 2025Updated 11 months ago
- Reference sheet for Threat Hunting Professional Course☆26Mar 10, 2019Updated 7 years ago
- Sharing Threat Hunting runbooks☆25Jul 5, 2019Updated 6 years ago
- ☆11May 27, 2021Updated 4 years ago
- Log newly created WMI consumers and processes to the Windows Application event log☆124Feb 28, 2018Updated 8 years ago
- Detecting ATT&CK techniques & tactics for Linux☆257Oct 1, 2020Updated 5 years ago
- PowerShell Script for Agentless Incident Response☆25Apr 5, 2018Updated 7 years ago
- A tool to identify and remediate common misconfigurations in Active Directory Certificate Services☆18Jan 13, 2024Updated 2 years ago
- Collection of scripts for use with Carbon Black Cb Response API☆14May 7, 2022Updated 3 years ago
- Script to enabled DNS Debug Logging across Domain Controllers in a Forest and then retrieve for analysis☆14May 27, 2016Updated 9 years ago
- AppLocker hardening policies☆26Jul 26, 2018Updated 7 years ago
- A collection of my presentation materials.☆17Apr 29, 2024Updated last year
- A collection of useful PowerShell tools to collect, organize, and visualize Sysmon event data☆39Mar 23, 2020Updated 5 years ago
- A gitbook for doing a null Bangalore session on linux container security to discuss and teach namespaces, cgroups etc.☆20Apr 27, 2017Updated 8 years ago
- POC code to crash Windows Event Logger Service☆27Oct 16, 2020Updated 5 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was …☆79Dec 24, 2017Updated 8 years ago
- Zac's assorted config files☆10Jan 11, 2017Updated 9 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆104Dec 19, 2017Updated 8 years ago
- A repository of sysmon configuration modules☆2,994Aug 21, 2024Updated last year
- Threat Feeds, Threat lists, and regular lists of known IP ranges and domains. It updates every 4 hours.☆16May 21, 2021Updated 4 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆430Dec 22, 2023Updated 2 years ago
- ☆14Mar 5, 2021Updated 5 years ago
- QRadar Export the rule set for printing☆23Oct 23, 2017Updated 8 years ago
- subTee gists code backups☆37Dec 19, 2017Updated 8 years ago
- ☆14Feb 8, 2020Updated 6 years ago
- A fast library for parsing and importing Windows Event Logs into Elasticsearch.☆86Updated this week
- Cloud Templates and scripts to deploy mordor environments☆129Mar 3, 2021Updated 5 years ago