Microsoft
Browse 135 microsoft tools
FEATURED
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.
Automated and flexible approach for deploying Windows 10 with security standards set by the DoD.
Microsoft BitLocker is a Windows-integrated full volume encryption solution that protects data on devices through disk-level encryption with enterprise deployment and management capabilities.
A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.
MSBuildAPICaller is an offensive security tool that enables interaction with the MSBuild API to execute arbitrary scripts for red teaming and penetration testing purposes.
Connect and learn from experts and peers in the Microsoft Community Hub.
A comprehensive SQL injection cheat sheet covering various database management systems and techniques.
A library for accessing and parsing OLE 2 Compound File (OLECF) format files, including Microsoft Office documents and thumbs.db files.
A week-long series of articles and talks on evading Microsoft Advanced Threat Analytics (ATA) detection
Compares target's patch levels against Microsoft vulnerability database and detects missing patches.
EvilClippy is a cross-platform tool that creates malicious MS Office documents with hidden VBA macros and evasion techniques for penetration testing and red team operations.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.
A comprehensive collection of SQL injection syntax references and payloads for testing various database management systems during penetration testing and security assessments.
