Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

Real-time HTTP Intrusion Detection

Audit Windows Security with best Practice

Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests

Bloodhound Reporting for Blue and Purple Teams

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

The FLARE team's open-source tool to identify capabilities in executable files.