kimoppalfens's Stars
trustedsec/specula
DebugPrivilege/RandomizedProjects
Repository that contains random short projects like write-ups, PowerShell scripts, and more.
KQLMSPress/definitive-guide-kql
Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL
JayRHa/EndpointAnalyticsRemediationScripts
LearningKijo/SecurityResearcher-Note
Covers various security approaches to attack techniques and also provides new discoveries about security breaches.
MSEndpointMgr/PSInvoker
Utility application for silently running PowerShell scripts without flashing console windows.
RedByte1337/GraphSpy
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
netero1010/EDRSilencer
A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to their server.
strandjs/IntroLabs
These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.
nicolonsky/IntuneDriveMapping
Generate PowerShell scripts to map network drives on Intune managed Windows 10 devices
subat0mik/Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
IntunePMFiles/DeviceConfig
LearningKijo/MDEtester
MDE Tester is designed to help test various features in Microsoft Defender for Endpoint.
olafhartong/DefenderHarvester
Exposes a lot of MDE telemetry that is not otherwise easily accessible in any searchable form.
AlexFilipin/ConditionalAccess
tkmru/awesome-edr-bypass
Awesome EDR Bypass Resources For Ethical Hacking
Bert-JanP/Hunting-Queries-Detection-Rules
KQL queries: Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for Advanced Hunting, Custom Detections, Analytics Rules and Hunting Rules.
MicrosoftDocs/security
Public repo to sync with security-pr
tomwechsler/Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat Hunting
MSEndpointMgr/IntuneWin32App
Provides a set of functions to manage all aspects of Win32 apps in Microsoft Intune.
petripaavola/Get-IntuneManagementExtensionDiagnostics
The Get-IntuneManagementExtensionDiagnostics script analyzes Intune Management Extension (IME) logs and shows the events in a timeline.
1njected/CMvarDecrypt
MWR-CyberSec/PXEThief
PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager.
Ben0xA/EventIDMap
Map the Event ID to the Advanced Audit Policy and URL in JSON format
gtworek/PSBits
Simple (relatively) things allowing you to dig a bit deeper than usual.
hfiref0x/AuthHashCalc
Authenticode Hash Calculator for PE32/PE32+ files
tomwechsler/Microsoft_Graph
Manage Azure and Microsoft 365 with the Microsoft Graph PowerShell SDK!
JoelGMSec/PSRansom
PowerShell Ransomware Simulator with C2 Server
HotCakeX/Harden-Windows-Security
Harden Windows safely and securely using officially supported Microsoft methods, with proper explanation | Always up to date and works with the latest build of Windows | Provides tools and guides for Personal, Enterprise, Government and Military security levels | Read the rationale: https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
hasherezade/exe_to_dll
Converts an EXE into a DLL.