secureworks / dcept
A tool for deploying and detecting use of Active Directory honeytokens
☆503Updated 2 years ago
Alternatives and similar repositories for dcept:
Users that are interested in dcept are comparing it to the libraries listed below
- PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted da…☆484Updated 7 years ago
- Incident Response Forensic Framework☆599Updated 5 years ago
- ☆506Updated 4 years ago
- Honeypot Intelligence with Splunk☆254Updated 6 years ago
- MozDef: The Mozilla Defense Platform☆67Updated 5 years ago
- DPS' Lightweight Investigation Notebook☆427Updated last year
- (extensible) Data Exfiltration Toolkit (DET)☆827Updated 7 years ago
- A PowerShell script to interact with the MITRE ATT&CK Framework via its own API☆367Updated 6 years ago
- Configuration guidance for implementing Pass-the-Hash mitigations. #nsacyber☆198Updated 8 years ago
- Machinae Security Intelligence Collector☆507Updated 9 months ago
- Powershell-based Windows Security Auditing Toolbox☆576Updated 6 years ago
- Documentation for the GRR Rapid Reponse framework☆303Updated 5 months ago
- A PowerShell TCP/IP swiss army knife.☆562Updated 7 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆650Updated 5 years ago
- CrowdStrike Falcon Orchestrator provides automated workflow and response capabilities☆186Updated last year
- RWMC is no longer supported. Please use PowerMemory.☆165Updated 9 years ago
- Honeypot deployment made easy☆235Updated 5 years ago
- Currently not updated for WMIEvent module...☆262Updated 8 years ago
- Remote forensics meta tool☆466Updated 8 months ago
- FireEye Publicly Shared Indicators of Compromise (IOCs)☆463Updated 6 years ago
- A tool for security professionals to access and interact with remote Microsoft Windows based systems.☆431Updated 7 years ago
- This script communicates with the Nessus API in an attempt to help with automating scans. Depending on the flag issued with the script, y…☆215Updated 5 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆631Updated 7 years ago
- Malicious HTTP traffic explorer☆715Updated last year
- Automated deployment scripts for the RockNSM network hunting distribution.☆449Updated last year
- Web interface for the Volatility Memory Forensics Framework☆260Updated 7 years ago
- Automated, Collection, and Enrichment Platform☆324Updated 5 years ago
- DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.☆466Updated 4 years ago
- A low to medium interaction honeypot.☆463Updated 10 months ago
- Python and Powershell internal penetration testing framework☆718Updated 8 years ago