Stars
A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as wel…
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
PowerShell Digital Forensics & Incident Response Scripts.
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
A collection of red team and adversary emulation resources developed and released by MITRE.
PowerShell tools to help defenders hunt smarter, hunt harder.
A PowerShell module for hiding payloads in the pixels of images