Pinned Repositories
2022
Speaker content from NIC2022
AAD-Group-Writeback-Script
This repository contains a script that can take certain groups in an Azure Active Directory, defined by a scope, writing them back to on-premises Active Directory, including group memberships
ADACLScanner
Repo for ADACLScan.ps1 - Your number one script for ACLs in Active Directory
Harden-Windows-Security
Harden Windows Safely, Securely using Official Supported Microsoft methods with proper explanation | Always up-to-date and works with the latest build of Windows
Intune-ACSC-Windows-Hardening-Guidelines
Collection of Intune policies that could assist with implementing ACSC's Windows hardening guidance.
PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
Security-ADMX
Custom ADMX template focused on hardening Windows 10 systems
windows_hardening
Windows Hardening settings and configurations
windows_security
Is Windows a joke or are you? 🧢
WindowsPowerShell
PowerShell functions, scripts and modules
c3rberus's Repositories
c3rberus/AAD-Group-Writeback-Script
This repository contains a script that can take certain groups in an Azure Active Directory, defined by a scope, writing them back to on-premises Active Directory, including group memberships
c3rberus/AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
c3rberus/CA-Export
c3rberus/Intune-ACSC-Windows-Hardening-Guidelines
Collection of Intune policies that could assist with implementing ACSC's Windows hardening guidance.
c3rberus/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
c3rberus/Security-ADMX
Custom ADMX template focused on hardening Windows 10 systems
c3rberus/windows_security
Is Windows a joke or are you? 🧢
c3rberus/Cloudmare
Cloudflare, Sucuri, Incapsula real IP tracker.
c3rberus/Dynamically-Update-Primary-Users-on-Intune-Managed-Devices
This repository hosts various scripts and tools that I have created and/or referenced in my blog.
c3rberus/EnableWindowsLogSettings
Documentation and scripts to properly enable Windows event logs.
c3rberus/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
c3rberus/hugocodex
A website for front-end developers who want to learn Hugo.
c3rberus/KQL
Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
c3rberus/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
c3rberus/MEM-Patching-Optimizer
This tool runs various tests against your WSUS & ConfigMgr environment, including WSUS, SQL & IIS, and provides feedback based on Microsoft best practices
c3rberus/Office365
Office 365 scripts and information
c3rberus/OlapPivotTableExtensions
OLAP PivotTable Extensions is an Excel add-in which extends the functionality of PivotTables on Analysis Services cubes and of the Excel Data Model (Power Pivot)
c3rberus/Optics-Threat-Hunting
Some threat hunting utilities for Cylance Optics.
c3rberus/osquery-defense-kit
Production-ready detection & response queries for osquery
c3rberus/review-checklists
This repo contains code and examples to operationalize spreadsheet-based checklists that can be used for Azure design reviews on multiple technologies.
c3rberus/ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
c3rberus/sigma
Main Rule Repository
c3rberus/SIGMA-detection-rules
Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactics and techniques
c3rberus/smbmap
SMBMap is a handy SMB enumeration tool
c3rberus/Splunk-input-windows-baseline
Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event logs mapped to MITRE ATT&CK
c3rberus/TheDefendersGuide
The Github project for The Defender's Guide by Luke Paine and Jonathan Johnson
c3rberus/theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
c3rberus/uac
UAC is a Live Response collection script for Incident Response that makes use of native binaries and tools to automate the collection of AIX, Android, ESXi, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris systems artifacts.
c3rberus/WELA
WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅(ウェラ)
c3rberus/Windows-Penetration-Testing
Technical notes and list of tools, scripts and Windows commands that I find useful during internal penetration tests