Stars
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
AIHawk aims to easy job hunt process by automating the job application process. Utilizing artificial intelligence, it enables users to apply for multiple jobs in a tailored way.
techspence / Locksmith
Forked from jakehildreth/LocksmithA tool to identify and remediate common misconfigurations in Active Directory Certificate Services
ScriptSentry finds misconfigured and dangerous logon scripts.
Identify the accounts most vulnerable to dictionary attacks
A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
A collection of red teaming and adversary emulation related tools, scripts, techniques, notes, etc
msp4msps / ScubaGear
Forked from cisagov/ScubaGearAutomation to assess the state of your M365 tenant against CISA's baselines
A tool collection for filtering and visualizing logon events. Designed to help answering the "Cotton Eye Joe" question (Where did you come from where did you go) in Security Incidents and Threat Hunts
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
Welcome to the SEKOIA.IO Community repository!
A repository to share publicly available Velociraptor detection content
A really good DFIR automation for collecting and analyzing evidence designed for cybersecurity professionals.
Backdoors & Breaches: Campaigns. These are short guides to help Incident Captains by giving them game ideas based on actual breaches.
PowerShell examples for articles published on https://office365itpros.com and https://practical365.com. See https://o365itpros.gumroad.com/l/M365PS for the Automating Microsoft 365 with PowerShell …
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments
DFIQ is a collection of investigative questions and the approaches for answering them
RustyBlue is a rust implementation of DeepblueCLI, a forensics log analyzer for finding evidence of compromise from windows event logs.
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and r…
A collection of PowerShell scripts I have created during my career - some from IT - most related to Computer Incident Response
RedEye is a visual analytic tool supporting Red & Blue Team operations
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (pa…