Pinned Repositories
ActiveDirectoryInstallation
Active Directory Installation Script
AD-Attack-Defense
Attack and defend Active Directory using modern post-exploitation adversary tradecraft activity
ASM-NewDCAdmins
A C# tool to gather the administrators on the domain controller (including local accounts) and detect when the list changes.
DefenderNotify
NotifyIcon for Defender from WMI Event Watcher task
Detect-DomainAdmin-Change
A C# tool to detect a change to the Domain Admins group membership and send a notification of this activity
Detect-Evil-Machine
A C# tool that detects when a computer account is added to any of the created domain security groups.
MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
PopulateActiveDirectory
PowerShell script to build an Active Directory forest and populate AD with random AD objects, including the required user objects, computer objects, group objects, GPOs and network shares. It also adds an ASREPRoast account, a kerberoastable account, and misconfigured ACLs to the domain for testing purposes.
RootDSE-ActiveDirectory
This repo contains files that I refer to in my blogs
SysmonSimulator
Sysmon event simulation utility that blue teams can use to simulate attacks and generate Sysmon event logs for testing EDR detections and correlation rules.
ScarredMonk's Repositories
ScarredMonk/SysmonSimulator
Sysmon event simulation utility that blue teams can use to simulate attacks and generate Sysmon event logs for testing EDR detections and correlation rules.
ScarredMonk/PopulateActiveDirectory
PowerShell script to build an Active Directory forest and populate AD with random AD objects, including the required user objects, computer objects, group objects, GPOs and network shares. It also adds an ASREPRoast account, a kerberoastable account, and misconfigured ACLs to the domain for testing purposes.
ScarredMonk/ActiveDirectoryInstallation
Active Directory Installation Script
ScarredMonk/RootDSE-ActiveDirectory
This repo contains files that I refer to in my blogs
ScarredMonk/AD-Attack-Defense
Attack and defend Active Directory using modern post-exploitation adversary tradecraft activity
ScarredMonk/DefenderNotify
NotifyIcon for Defender from WMI Event Watcher task
ScarredMonk/Detect-Evil-Machine
A C# tool that detects when a computer account is added to any of the created domain security groups.
ScarredMonk/ASM-NewDCAdmins
A C# tool to gather the administrators on the domain controller (including local accounts) and detect when the list changes.
ScarredMonk/Detect-DomainAdmin-Change
A C# tool to detect a change to the Domain Admins group membership and send a notification of this activity
ScarredMonk/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
ScarredMonk/RedCsharp
Collection of C# projects. Useful for pentesting and redteaming.
ScarredMonk/ASM-NewRemoteAdmins
A C# tool to gather the count of administrators on the crown jewel machine and detect when this number changes
ScarredMonk/DC-Rename
It assists in renaming the Domain Controller correctly if something goes wrong during installation of a test AD lab
ScarredMonk/Detect-Spray
A C# tool that detects password spraying attempts by using Active Directory user attributes
ScarredMonk/Compare-Group-Members
A C# tool to detect when a member of Group 1 (for example, helpdesk administrator) is also a member of Group 2 (for example, server administrator)