Windows 10 notification area app in C# that can paste clipboard contents as keystrokes to whatever location you click.

Various Veeam products related PowerShell scripts

Advanced PowerShell scripts and profile enhancements for common use cases

Tools to help you with daily tasks of configuring/debugging/monitoring Fortinet products - Fortigate, FortiAnalyzer, Fortimanager. I do not work for Fortinet, all contents is created by me except w…

This repo is about Active Directory Advanced Threat Hunting

KQL Queries. Microsoft Defender, Microsoft Sentinel

Azure Sentinel KQL

A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel

KQL Queries. Microsoft Defender, Microsoft Sentinel

A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).

Elastic Security detection content for Endpoint

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Table of AD and Azure assets and whether they belong to Tier Zero

The goal of this repository is to document the most common techniques to bypass AppLocker.

AppLocker hardening policies

Community-driven baseline to accelerate Intune adoption and learning.

The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Access Model.

Microsoft Intune Custom Compliance

Hunting queries and detections

Repository with the scripts that I have used in my blogs on https://powershellisfun.com. If you like these, please sponsor this project using the Sponsor button below or buy me a coffee :) https://…

Sample app for installing Windows updates during an Autopilot deployment

4-D Demo configurations are a collection of configurations which complement the preceeding 3 Ds: Define, Design, and Deploy.

Aggregation of lists of malicious IP addresses, to be blocked in the WAN > LAN direction, integrated into firewalls: FortiGate, Palo Alto, pfSense, IPtables

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

AzureADDeviceCleanup PowerShell script helps to manage the stale devices in Azure AD in an efficient way by giving different options to deal with stale devices in Azure AD.

Get-AADUserLastSignIn.ps1 is a PowerShell script retrieves Azure AD users with their last sign in date.

Perform general security checks against AD environment

A browser extension and API server for detecting corporate password use on external websites