pcintula

open-interpreter

A natural language interface for computers

what-happens-when

An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

copy-dialog-lunar-lander

Play lunar lander in you windows file copy dialog

oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

ImportExcel

PowerShell module to import/export Excel spreadsheets, without Excel

windows_hardening

HardeningKitty and Windows Hardening Settings

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Microsoft-365-Defender-Hunting-Queries

Sample queries for Advanced hunting in Microsoft 365 Defender

ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

untitledgoosetool

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.

GPOZaurr

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

qcma

Cross-platform content manager assistant for the PS Vita (No longer maintained)

Windows-Dev-Performance

A repo for developers on Windows to file issues that impede their productivity, efficiency, and efficacy

MDE-PowerBI-Templates

A respository for MDATP PowerBI Templates

PowerShell-EWS-Scripts

A collection of PowerShell scripts that use EWS to perform actions against Exchange mailboxes

certrss

msInvader

M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.

DefenderHarvester

Expose a lot of MDE telemetry that is not easily accessible in any searchable form

AADAppAudit

Microsoft Entra ID App Audit Solution (AADAppAudit)

sidr

Search Index Database Reporter

mdefordownlevelserver

MorePortraitsInZero

Adds more portraits (Akatsuki, Azure, and original) in Trails from Zero.

SCOM.Management

SCOM - Management Pack to discover properties and add tasks to make SCOM Admins life easier

EntraIDAuditLogToMicrosoftGraph

A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri