- Hardening
- Basics in Hardening
- Disabling Services
- Scripts (for AD Hardening, PS Incident Response)
- AD Hardening
- Other Logging Information
- Windows Event Viewer, Sysinternals Basics
- Sysinternals and Sysmon Setup
- Includes a suite of tools to monitor Windows Systems
- mentions other tools like osquery and autoruns
- Sysinternals Tools
- Currently documented tools:
- tcpview (network analysis)
- procexp (process analysis)
- procmon (process analysis)
- sysmon (logging)
- more to be added
- DeepBlueCLI
- a PowerShell Module for Threat Hunting via Windows Event Logs
- a logging tool
- winPEAS
- scans to find Privilege Escalation Paths
- Competition Checklist
- Checklist for setup/harden phase and incident response phase