Event-Forwarding-Guidance
commando-vm
| | Event-Forwarding-Guidance | commando-vm |
|---|---|---|
| Mentions | 4 | 9 |
| Stars | 787 | 6,693 |
| Growth | - | 1.3% |
| Activity | 0.0 | 4.3 |
| Latest commit | over 3 years ago | 21 days ago |
| Language | PowerShell | PowerShell |
| License | GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Event-Forwarding-Guidance
- Which event IDs are generated from advanced auditing policies?
  See https://github.com/nsacyber/Event-Forwarding-Guidance/tree/master/Events.
- DCs are drowning in Event 521 security events
  NSA has some good guidance on which ones are of value here
- Suspect user of clearing security log on server, what are my next steps?
  Your next step is to implement Event Forwarding using NSA's handy scripts to a centralized logging server or repository.
- For those that use Windows log forwarding, what are you forwarding?
  Good guide here - https://github.com/nsacyber/Event-Forwarding-Guidance
commando-vm
- Create Gold Image from Custom Windows VM
  I have a customised version of Windows 10 (https://github.com/mandiant/commando-vm) that I want to be able to install as a base image onto new hard drives.
- Virtual Machine Setup for Training
- Security VMs
  For a Windows-based VM I can recommend using commando-vm. https://github.com/mandiant/commando-vm
- This is a college penetration course that uses "Windows Programs" - but my professor is valid.
- Issues installing Kali on USB
  I highly recommend that you look into Commando VM.
- Own pentesting OS?
  Meanwhile, FireEye - a 4 billion US dollar cyber security company - developed & maintains Commando VM.
- Auto-setup my Kali Linux install?
  I downloaded and messed around with Mandiant's Commando and I thought it was cool how you basically just ran the PS script and it installed and set up everything.
- Working on Linux in a virtual machine seems too slow. Why do people use it?
  If you wanna use Windows for hacking, install this - https://github.com/mandiant/commando-vm, closest thing to a Kali Linux equivalent in Windows. Don't use the Commando VM with any private data. It's important to isolate your personal computer usage and ethical hacking usage. You could also get HackTheBox premium to get your own 24/7 PwnBox, which will give you your own virtualised hacking platform for the time being.
What are some alternatives?
sysmon-config - Sysmon configuration file template with default high-quality event tracing
flare-vm - A collection of software installation scripts for Windows systems that allows you to easily set up and maintain a reverse engineering environment on a VM.
Windows-10-Sophia-Script - :zap: A powerful PowerShell module for fine-tuning and tweaking Windows 10 & Windows 11 [Moved to: https://github.com/farag2/Sophia-Script-for-Windows]
Penetration-Testing-Tools - A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
Scoop - A command-line installer for Windows.
clevelandsteamer - Un-sh*t your Windows install
Sophia-Script-for-Windows - :zap: The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11
cloudinit - Official upstream for the cloud-init: cloud instance initialization
SpotX-Win - Blocking ads and updates for the desktop version of Spotify, disabling podcasts and more. [Moved to: https://github.com/amd64fox/SpotX]
optimized-azerty-win - AFNOR Compliant AZERTY Keyboard Layout driver for Windows
packer-plugin-windows-update - Packer plugin for installing Windows updates
JoplinPortable - Joplin for PortableApps.com