Hello world! Below is a quick summary of the PowerShell scripts I'm developing for Security Operations and Automation.
- Active Defense
  - Invoke-ActiveDefense
  - Start-LogEnrichment
  - Start-ProcessReaper
- Adversary Emulation
  - Invoke-AdversaryEmulation
  - Invoke-APT1
- Compliance
  - Invoke-AdScrub
  - Invoke-SystemAudit
  - Get-Rights
  - Get-NtfsPermissions
  - Get-Privileges
  - Get-IntegrityLevels
  - Get-LocalAdmins
  - Get-OpenPorts
  - Get-Shares
  - Get-WirelessComputers
  - Invoke-NetworkAudit
  - Get-DomainAdmins
- Cyber Effects
  - Invoke-CyberEffect
  - Start-RollingReboot
  - Start-Scareware
- Incident Response
  - Invoke-IncidentResponse
  - Get-SuspiciousFile
  - Start-Panic
  - Stop-EvilProcess
  - Block-TrafficToIpAddress
  - Unblock-TrafficToIpAddress
- Systems Administration
  - Invoke-Sysadmin
  - Enable-WinRm
  - Get-Asset
  - Get-DiskSpace
  - Move-Logs
  - Remove-Program
- Threat Hunting
  - Invoke-ThreatHunt
  - Get-IpAddressFromFirewallLog