Explore 31 curated tools and resources
ScubaGear assesses Microsoft 365 tenant configurations against CISA Secure Configuration Baselines, using PowerShell and Open Policy Agent to compare settings and generate compliance reports.
SharpAppLocker provides a C# adaptation of the Get-AppLockerPolicy cmdlet for managing application control policies.
ForensicMiner, Redefine DFIR Automations
Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.
A collection of Microsoft PowerShell modules for penetration testing purposes.
A PowerShell obfuscation detection framework designed to highlight the limitations of signature-based detection and provide a scalable means of detecting known and unknown obfuscation techniques.
Discontinued project for file-less persistence, attacks, and anti-forensic capabilities on Windows 7 32-bit systems.
Microsoft BitLocker is a full volume encryption feature in Windows for protecting data on lost or stolen devices, with tools and resources for implementation.
PowerForensics is a PowerShell digital forensics framework for hard drive forensic analysis.
A collection of YARA rules for research and hunting purposes.
A tool to secure your shell commands history by clearing sensitive commands
A PowerShell module for threat hunting via Windows Event Logs
PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
Repository documenting common techniques to bypass AppLocker with verified, unverified, and generic bypasses.
A PowerShell-based incident response and live forensic data acquisition tool for Windows hosts.
A collection of PowerShell modules for artifact gathering and reconnaissance of Windows-based endpoints.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
A comprehensive PowerShell cheat sheet covering various tasks and techniques for file management, process management, network operations, and system administration.
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.
Cheat sheet with common enumeration and attack methods for Windows Active Directory.
A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
A PowerShell script to interact with the MITRE ATT&CK Framework via its own API using the deprecated MediaWiki API.
A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Monitor WMI consumers and processes for potential malicious activity
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.