Ray's starred repositories
no-defender
A slightly more fun way to disable Windows Defender and the firewall (through the WSC API).
TeamsPhisher
Send phishing messages and attachments to Microsoft Teams users
FalconFriday
Hunting queries and detections
365Inspect
A PowerShell script that automates the security assessment of Microsoft 365 environments.
KQL-threat-hunting-queries
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel and Microsoft XDR (formerly Microsoft 365 Defender).
EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques, to measure your SIEM coverage or to develop new use cases.
Incident-Response-Powershell
PowerShell Digital Forensics & Incident Response Scripts.
Microsoft-Extractor-Suite
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
SOC-Multitool
A powerful and user-friendly browser extension that streamlines investigations for security professionals.
trustymail
Scan domains and return data based on trustworthy email best practices
crowdstrike-falcon-queries
A collection of Splunk Search Processing Language (SPL) queries for threat hunting with CrowdStrike Falcon.
ScubaGoggles
SCuBA Security Configuration Baselines and assessment tool for Google Workspace
PingCastle-Notify
Monitor your PingCastle scans to highlight the rule diff between two scans
nginx-cloudflare-real-ip
This project modifies your nginx configuration so that you get the real IP address of your visitors behind Cloudflare.
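The security-relevant detail in that last item is which peers nginx is allowed to believe about the client address. The fragment below is an added example written for this list, not code from the nginx-cloudflare-real-ip project: it uses the stock ngx_http_realip_module to restore the visitor address from Cloudflare's CF-Connecting-IP header, and only for connections that actually came from a Cloudflare edge, so that someone who finds the origin and connects to it directly cannot spoof the header. The two address ranges, the server name and the log path are placeholders; the real Cloudflare ranges should be loaded from https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6 and kept current.

```nginx
http {
    # Added example (not the nginx-cloudflare-real-ip project's own config).
    # Trust CF-Connecting-IP ONLY when the TCP peer is a Cloudflare edge.
    # The two ranges below are illustrative; generate the full list from
    # https://www.cloudflare.com/ips-v4 and https://www.cloudflare.com/ips-v6.
    set_real_ip_from 173.245.48.0/20;
    set_real_ip_from 103.21.244.0/22;

    # Header Cloudflare sets to the visitor's address. real_ip_recursive stays
    # at its default (off): CF-Connecting-IP carries one address, not a chain.
    real_ip_header CF-Connecting-IP;

    # $realip_remote_addr (nginx >= 1.9.7) keeps the address of the actual TCP
    # peer after $remote_addr has been rewritten, so classify on that, not on
    # the already-rewritten $remote_addr.
    geo $realip_remote_addr $from_cloudflare {
        default          0;
        173.245.48.0/20  1;
        103.21.244.0/22  1;
    }

    # Log both views: the restored visitor address and the peer that delivered it.
    log_format realip '$remote_addr via $realip_remote_addr - $request '
                      '$status cf=$from_cloudflare';

    server {
        listen 80;
        server_name example.com;   # placeholder
        access_log /var/log/nginx/access.log realip;   # placeholder path

        # Hardening: refuse traffic that reaches the origin without going
        # through Cloudflare. For such peers set_real_ip_from never matched,
        # so $remote_addr is the untrusted peer itself and the header is ignored.
        if ($from_cloudflare = 0) {
            return 403;
        }

        location / {
            root /var/www/html;
        }
    }
}
```

Two checks after deploying: from a host outside Cloudflare, send a request with a forged `CF-Connecting-IP: 198.51.100.7` and confirm the access log shows the real peer and a 403; from behind Cloudflare, confirm `$remote_addr` in the log is the visitor address and `$realip_remote_addr` is an edge address. Without the `set_real_ip_from` restriction, the first request would be logged, rate-limited and access-controlled as if it came from 198.51.100.7.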