soteria-security / HAFNIUM-IOCLinks
A PowerShell script to identify indicators of exploitation of CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-26865
☆22Updated 4 years ago
Alternatives and similar repositories for HAFNIUM-IOC
Users that are interested in HAFNIUM-IOC are comparing it to the libraries listed below
Sorting:
- Visual Studio Code Microsoft Sysinternal Sysmon configuration file extension.☆52Updated last year
- These are some of the commands which I use frequently during Malware Analysis and DFIR.☆24Updated last year
- Threat Mitigation Strategies☆25Updated last year
- Active Directory Toolkit☆20Updated 6 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago
- Build a domain with three quick PowerShell scripts!☆29Updated 5 years ago
- Azure AD Incident Response☆25Updated 3 years ago
- Defensive-oriented Active Directory enumeration☆23Updated 9 years ago
- This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode☆26Updated 11 months ago
- Using Microsoft 365 App Passwords for persistence☆23Updated 4 years ago
- Microsoft Flow Attack Framework☆23Updated 5 years ago
- A set of tools for collecting forensic information☆26Updated 5 years ago
- Bloodhound Portable for Windows☆51Updated 2 years ago
- Just a bunch of code snippets to identify and remediate common Active Directory Certificate Services issues.☆32Updated last year
- BloodHound Data Scanner☆45Updated 4 years ago
- Set of ultra technical notes about AD☆18Updated 6 years ago
- Send High & New Incidents to The Hive incident management Platform☆18Updated 4 years ago
- Windows stuff☆16Updated 5 years ago
- Enumerate Microsoft 365 Groups in a tenant with their metadata☆53Updated 4 years ago
- Azure AD Identity Protection Cookie Spoofing☆33Updated last year
- ☆25Updated 3 years ago
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆13Updated 4 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Updated 7 years ago
- A collection of searches, interesting events and tables on Crowdstrike Splunk.☆29Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Updated 5 years ago
- Kerberoast Detection Script☆30Updated 7 months ago
- Quick and dirty PoSH code to read teams messages☆22Updated 3 months ago
- Automatically generated Sysmon parser for Azure Sentinel☆16Updated this week
- ☆18Updated 5 years ago
- ☆11Updated 3 years ago