The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
CSS-Exchange Alternatives
Similar projects and alternatives to CSS-Exchange
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
New-KrbtgtKeys.ps1
Discontinued This script will enable you to reset the krbtgt account password and related keys while minimizing the likelihood of Kerberos authentication issues being caused by the operation.
-
exchange_webshell_detection
Discontinued Detect webshells dropped on Microsoft Exchange servers exploited through "proxylogon" group of vulnerabilites (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065)
-
GadgetToJScript
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
CSS-Exchange reviews and mentions
- Has anyone ran the CVE-2023-23397 script against a large environment?
-
CVE-2023-23397
The MaxServicePointIdleTime property I changed because of what I saw suggested here: https://github.com/microsoft/CSS-Exchange/issues/1581.
-
CVE-2023-23397 - Critical Elevation of Privilege zero-day in Microsoft Outlook, severity 9.8
This is actively exploited, patch immediately. Microsoft also provided a script that checks Exchange items for malicious messaging items: https://github.com/microsoft/CSS-Exchange/blob/a4c096e8b6e6eddeba2f42910f165681ed64adf7/docs/Security/CVE-2023-23397.md
-
// SITUATIONAL AWARENESS // Hunting Microsoft Word NTLM Relay Vulnerability CVE-2023-23397
Microsoft has released a PowerShell script that can be run on Exchange infrastructure to scan email files for malicious UNC paths, however, patching is the preferred mitigation strategy.
-
Exchange 0day exploit in wild
I would expect that installing the URL Rewrite 2 module shouldn't cause any problems -- E2013 as such doesn't care about it. In fact, Microsoft's own EOMT script for the Hafnium mitigations suggests installing it. It'll likely require a reboot, though, or at the very least an IIS restart.
-
Health checker reports unsigned IIS modules (Exchange 2013 CU23)
Yep, the August security update and OS updates were installed on all four nodes. But the order in which they were installed may have been different... I don't recall. Someone just posted above that this is a known problem with Windows 2012/R2: https://github.com/microsoft/CSS-Exchange/pull/1166
- Critical privileged elevation patch incoming next week.
- Exchange Admin?
-
May 2022 Security Update - detection
Which is the latest I can find on Github. This server is running Exchange 2019 CU 11. It has the March updates (KB5012698), but not the May one (KB5014261). You can also verify from the build number it's not up to date. There are no vulnerabilities reported and the only thing in "red" is that TCP keepalive warning.
-
Exchange 2019 still requires obsolete UCM4 installation
https://github.com/microsoft/CSS-Exchange/issues/535 Even the maintainer David Paulson of the ExchangeHealtcheck script opened an issue on this matter, only waiting on feedback of the Exchange Team.
-
A note from our sponsor - WorkOS
workos.com | 25 Apr 2024
Stats
microsoft/CSS-Exchange is an open source project licensed under MIT License which is an OSI approved license.
The primary programming language of CSS-Exchange is PowerShell.
Popular Comparisons
- CSS-Exchange VS HealthChecker
- CSS-Exchange VS New-KrbtgtKeys.ps1
- CSS-Exchange VS GadgetToJScript
- CSS-Exchange VS exchange_webshell_detection
- CSS-Exchange VS Metasploit
- CSS-Exchange VS badExchangePews
- CSS-Exchange VS Cyber-Defence
- CSS-Exchange VS scanning
- CSS-Exchange VS IISBackdoorDetect
- CSS-Exchange VS postfix
Sponsored