Rex-ing indicators out of unstructured text (like an e-mail)
Updated Jan 23, 2024 - PowerShell
Windows network host hunting at scale!
PowerShell module to build a passphrase by rolling 5 dice against a wordlist - e.g. the one you can find at https://www.eff.org/dice.
A PowerShell script for rapid initial incident response data collection on a potentially breached Windows system.
Triage an IP using PowerShell
File Watcher - PowerShell-based file activity monitoring tool
🧰 Various PowerShell scripts for security, sysadmins, blue and red teams👫🏼
A complete course in SOC tier 1: notes, slides and code
Windows AD wide windows event collection script for scaled up forensic investigations.
PowerShell scripts concatenating different Yara rules into one master rule file.
PowerShell script to get domain mail info and control status such as MX, SPF, DKIM, DMARC and StartTLS.
A repository containing scripts which allow Loki to log to Windows Event Log.
A PowerShell script to prevent Sysmon from writing its events
PowerShell script to terminate protected processes such as anti-malware and EDRs.
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically generate a userlist from the domain which excludes accounts that are expired, disabled, locked out, or within 1 lockout attempt.