Explore 14 curated tools and resources
A Windows security hardening tool that disables potentially dangerous features in Windows 10/11 and common applications to reduce attack surface for individual users.
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
A Windows kernel driver intentionally designed with various vulnerabilities to help security researchers practice kernel exploitation techniques.
An exploration of a new method to abuse DCOM for remote payload execution and lateral movement.
Scan files or process memory for Cobalt Strike beacons and parse their configuration.
Dependencies is an open-source modern replacement for Dependency Walker that helps Windows developers analyze and troubleshoot DLL load dependency issues.
Connect and learn from experts and peers in the Microsoft Community Hub.
Deception-based detection techniques with MITRE ATT&CK mapping and Honey Resources.
Enhances Windows OS security through system modifications and settings adjustments.
An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
A repository containing scripts and configuration files to help administrators implement Microsoft AppLocker for application whitelisting based on NSA security guidelines.
Malware that allows attackers to execute Windows commands from a remote environment.
A three-part educational series documenting techniques for achieving domain administrator privileges in Windows environments, covering attack methods, defenses, and remediation strategies.