Biff Tannen's repositories
easy-wins-endpoint-defense
Collection of scripts/resources/ideas for attack surface reduction and additional logging to enable better threat hunting on Windows endpoints.
handy-posh
Handy powershell/batch scripts
easy-wins-email-defense
Collection of resources/ideas/recommendations for reducing attack service for Microsoft 365/Microsoft Entra ID (AzureAD). The goal of these are to be EASY, low breakage, and cheap or free.
BetterSecDefaults
An interactive powershell script for Azure/Entra. Creates a set of conditional access policies that will provide improved security over Microsoft's "Security Defaults". This script is primarily for less mature orgs that are perhaps still using Microsofts "Security Defaults" or only have very basic conditional access policies in place.
posh-ransomware-sim
Simulates Ransomware using 4 dummy files for encryption. Uses base64 encodes and common ransomware extension to increase detection chance.
meraki-powershell
Quick powershell script to add meraki client vpn to windows 10