Script to remove Windows 10 bloatware.

PowerSploit - A PowerShell Post-Exploitation Framework

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

OSCP Cheat Sheet

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

A Powershell incident response framework

A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

Timeline of Active Directory changes with replication metadata

The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Resp…

Hardening Active Directory version 2

Real-time Response scripts and schema

The Invoke-TrimarcADChecks.ps1 PowerShell script is designed to gather data from a single domain AD forest based on our similar checks performed during Trimarc’s Active Directory Security Assessmen…

Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a Microsoft 365 environment.