System monitoring development kit (sysmon, procmon, EDR, endpoint security, host security, zero trust, internet access control, sandbox)
Updated May 26, 2024 - C++
Harden Windows Safely, Securely using Officially Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md
Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC
Windows Exploit Protection Settings (Ultimate)
A tool used to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.
A user-friendly PDF DoS Detector. Contributions are most welcome!
Easily create, deploy, and edit Windows Defender Application Control (WDAC) policies. Allows for careful review of app information before trusting WDAC rules. Manage your policies with WinRM (remote PowerShell) and SQLite.
PowerShell Repository of Soundness [sndnss]
Extracted Yara rules from Windows Defender mpavbase and mpasbase
BintaryPlant.com - ARP Defender
Converting Malicious Joe Sandbox Results to MDE IOC Lists and TenantAllowBlockLists
PowerShell repository for Microsoft 365 assessment module
Tools and Techniques for Blue Team / Incident Response
obfuscate text via node to make scraping your content really difficult
Azure Virtual Machine (VM) with Just-in-Time access