soteria-security / HAFNIUM-IOCLinks
A PowerShell script to identify indicators of exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865
☆22Updated 4 years ago
Alternatives and similar repositories for HAFNIUM-IOC
Users that are interested in HAFNIUM-IOC are comparing it to the libraries listed below
Sorting:
- Defensive-oriented Active Directory enumeration☆24Updated 9 years ago
- Threat Mitigation Strategies☆25Updated 2 years ago
- Build a domain with three quick PowerShell scripts!☆29Updated 5 years ago
- Looks up permissions within Active Directory on a target (OU or Computer) to determine access to LAPS attributes (ms-Mcs-AdmPwdExpiration…☆15Updated 2 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago
- Some Powershell scripts developed during my security consulting work. Hopefully they are useful to you too!☆13Updated 5 years ago
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆53Updated 2 years ago
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Microsoft Flow Attack Framework☆23Updated 5 years ago
- BloodHound Data Scanner☆45Updated 5 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Updated 3 years ago
- Using Microsoft 365 App Passwords for persistence☆23Updated 4 years ago
- Active Directory Toolkit☆20Updated 6 years ago
- Nessus Preflight(NPF) Check for local and remote systems. Essentially sets three registry keys and restarts a service to allow nessus to …☆16Updated 2 months ago
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆26Updated last year
- This is a repository for the public blog with Labs indicators of compromise and code☆18Updated 5 years ago
- ☆23Updated 4 months ago
- Powershell / C# based cross platform forensic framework based for live incident response☆23Updated 5 years ago
- Kerberoast Detection Script☆30Updated 8 months ago
- Azure AD Incident Response☆26Updated 3 years ago
- PSAttck is a light-weight framework for the MITRE ATT&CK Framework.☆38Updated 3 years ago
- Winterfell hunt is a python script to perform auto threat hunting for malicious activities in windows OS based on collected data by winte…☆15Updated 4 years ago
- ☆13Updated 3 years ago
- Enumerate Microsoft 365 Groups in a tenant with their metadata☆53Updated 4 years ago
- ☆21Updated 3 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Updated 7 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Comae Stardust Command Line (Powershell & Python)☆1Updated 2 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago