Add: mandiant/Mandiant-Azure-AD-Investigator to DFIR section

2024-10-01 07:45:36 -04:00 · 2022-02-19 22:11:06 +07:00 · 2022-02-19 22:11:06 +07:00 · 5333f70f57
commit 5333f70f57
parent 4746f1e29c
1 changed files with 4 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -1685,6 +1685,10 @@ This repository is created as an online bookmark for useful links, resources and
        <td><a href="https://github.com/MalwareSoup/MitreAttack">MalwareSoup/MitreAttack</a></td>
        <td>Python wrapper for the Mitre ATT&CK framework API</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/mandiant/Mandiant-Azure-AD-Investigator">mandiant/Mandiant-Azure-AD-Investigator</a></td>
+        <td>This repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/markbaggett/srum-dump">markbaggett/srum-dump</a></td>
        <td>A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.</td>