xg5-simon / MS-Graph-BlueTeam
MS Graph Commands and Tools for Blue Teamers
β49Updated last year
Alternatives and similar repositories for MS-Graph-BlueTeam:
Users that are interested in MS-Graph-BlueTeam are comparing it to the libraries listed below
- π§° ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.β71Updated 2 months ago
- Advanced Email Threat Hunting w/ Detection as Codeβ52Updated last month
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so onβ81Updated 10 months ago
- A repository of curated lists with elements such as IoCs to use for threat hunting & detection queries.β34Updated 8 months ago
- DEFCON 31 slide deck and video linkβ58Updated 8 months ago
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials Western Asia and Eastern Europeβ33Updated 9 months ago
- Providing Azure pipelines to create an infrastructure and run Atomic tests.β51Updated last year
- β32Updated 11 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data wβ¦β51Updated 3 months ago
- A practical resource on using open-source tools for Incident Response. This repo shares workflows, tool setups, and steps for responding β¦β28Updated 4 months ago
- β32Updated 2 years ago
- CarbonBlack EDR detection rules and response actionsβ71Updated 6 months ago
- ASR Configurator, Essentials and Atomic Testingβ37Updated 4 months ago
- Detection rule validationβ41Updated last year
- Table of AD and Azure assets and whether they belong to Tier Zeroβ26Updated last year
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.β100Updated 6 months ago
- A simple tool designed to create Atomic Red Team tests with ease.β38Updated last week
- Baseline a Windows System against LOLBASβ25Updated 10 months ago
- β74Updated last week
- Simulation of Akira Ransomware with Invoke-AtomicTestβ14Updated 8 months ago
- Placeholder for my detection repo and misc detection engineering contentβ43Updated last year
- This repository contains a comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Responsβ¦β51Updated 5 months ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to theirβ¦β24Updated 4 months ago
- β24Updated 2 years ago
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.β36Updated 2 months ago
- Contains compiled binaries of Volatilityβ33Updated 2 months ago
- β40Updated last year
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to automβ¦β47Updated 11 months ago