tomwechsler / Threat_Hunting_with_PowerShellLinks
Security even with a small budget - there is no excuse!
☆19Updated 2 years ago
Alternatives and similar repositories for Threat_Hunting_with_PowerShell
Users that are interested in Threat_Hunting_with_PowerShell are comparing it to the libraries listed below
Sorting:
- A quick and easy PowerShell script to collect a packet trace with option to convert .etl to .pcap.☆40Updated 2 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆29Updated last week
- Active Directory Group Policy analyzer☆14Updated 5 years ago
- Links and guidance related to the return on mitigation report in the Microsoft Digital Defense Report☆28Updated last year
- AppLocker hardening policies☆25Updated 6 years ago
- 🛡️ Assign AD permissions via PowerShell templates — Simplify and standardize AD delegation with reusable PowerShell templates.☆13Updated 2 months ago
- ☆20Updated last year
- ☆19Updated last year
- The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks pe…☆54Updated last year
- ☆11Updated last month
- MS Entra ID Protection Guidance☆20Updated last year
- A small guide on Unknown/Orphaned SIDs and some PowerShell tools to help you get rid of them.☆16Updated 3 years ago
- Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …☆35Updated 3 years ago
- A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri☆30Updated 8 months ago
- Self-contained Hyper-V Active Directory Lab Environment☆58Updated last week
- Specific guidance and configuration scripts based on Microsoft-recommended security configuration baselines for Windows.☆13Updated 4 years ago
- Conditional Access Reporting☆27Updated 2 months ago
- A series of functions to parse Teamviewer logs to answer specific questions☆10Updated 2 years ago
- The cActiveDirectorySecurity module contains PowerShell Functions which are designed to report on and manipulate Access Control Lists on …☆11Updated 6 years ago
- ☆42Updated last year
- ☆72Updated 8 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations☆89Updated 10 months ago
- ☆53Updated last month
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆107Updated 6 months ago
- Automation around Entra ID☆37Updated 6 months ago
- ☆41Updated 2 years ago
- A PowerShell module for incident response and threat hunting.☆34Updated last year
- ☆33Updated 3 months ago
- ☆45Updated last month
- ☆43Updated 4 years ago