Skip to content
View robert-moses's full-sized avatar
🥙
🥙
3 followers · 15 following

Achievements

Achievement: Arctic Code Vault Contributor

Achievements

Achievement: Arctic Code Vault Contributor

Block or report robert-moses

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. Office 365 security baseline and inc...
    1 
    # O365 security baseline and incident response
    2 
    
              
    
              
    
                3
                
    [Basics and Tools](https://gist.github.com/robert-moses/f2a27d75779d1cfc4759b7bf75940520#basics)
    
              
    
              
    
                4
                
    
              
    
              
    
                5
                
    [Email Incident Response steps](https://gist.github.com/robert-moses/f2a27d75779d1cfc4759b7bf75940520#office365-how-to-investigate-email-account-comprimise-or-suspicions-messages)
    
              
    
          
    
    
    
  
    

    2. 

      
  2. 
  
    
    
    
      
    
        
    
            
          IR-Procedures            Public
        
    
      
    


      
    
        IR Procedures Workspace
      
    

      
    
      
    
    
    
  
    

    3. 

      

  3. 
  
    
    
    
      
    
        
        nmap recon scanning        
    

          
    
              
    
                1
                
    # scan and get all output file formats
    
              
    
              
    
                2
                
    nmap –sT –oA Network_Topology –vv 192.168.0.0/24
    
              
    
              
    
                3
                
    #
    
              
    
              
    
                4
                
    # pull the "alive" host IPs from the output
    
              
    
              
    
                5
                
    grep open Network_Topology.gnmap | cut -d" " -f2 > Device_List.txt
    
              
    
          
    
    
    
  
    

    4. 

      
  4. 
  
    
    
    
      
    
        
    
            
          sysmon-config            Public
        
    
      
    

        
    
          Forked from ion-storm/sysmon-config
        
    

      
    
        Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
      
    

      
    
          
  
  Batchfile


          
            
    

            1
          
      
    
    
    
  
    

    5. 












      






  
    
  
  
  
  
  
  

  

  

    
    
    
    
  


  


  
































  

  robert-moses · GitHub



  
  
  

    
  


  




  
  

  
  

    



  

  




    

  

    

    

      

      

    
    
    

      
  
  




      



        


  
  
  
  

  

    


      


    


  

  

  
  
  





  

  

  
    

      


    

      Skip to content

      
    
      
      
      











  
  
  






      

          

              




      
    


  









    





  




    






  

      

        

  
  

    

        

  
  
            


  
            

              



  
    

      
      





            




    

  




  

  
  
      

          

          

  

    

        View robert-moses's full-sized avatar
      
  

    

      


  

    

      
🥙

    

    

        

    

  




    

  


    


    
  


      

      


  

    

      
🥙

    

    

        

    

  




  



  

    

        

              

                
                
  
    
  

              

        



    


    


  


    

      

        
          
          3
          followers
        · 
          15
          following
      

    


  
    




    


  




  


      
    
Achievements
Achievement: Arctic Code Vault Contributor
Achievements
Achievement: Arctic Code Vault Contributor

    
    
    


  
    

  

    

      

        Block or report robert-moses
      

        
    

    

      
    

  

  


      
        
    

      

          
        

        Block user
        

            Prevent this user from interacting with your repositories and sending you notifications.
          Learn more about blocking users.
        






            

              You must be logged in to block users.
            


          

              
          
  

    
      


      
      Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.



          


        

    

    

      Report abuse
      

        Contact GitHub support about this user’s behavior.
        Learn more about reporting abuse.
      

      Report abuse
    



      
      





      



  
        
      

        

          
    







  

  

      Pinned
    
      Loading

    
  


      
    
      

  1. 
  
    
    
    
      
    
        
        Office 365 security baseline and inc...        
    

          
    
              
    
                1
                
    # O365 security baseline and incident response
    
              
    
              
    
                2
                
    
              
    
              
    
                3
                
    [Basics and Tools](https://gist.github.com/robert-moses/f2a27d75779d1cfc4759b7bf75940520#basics)
    
              
    
              
    
                4
                
    
              
    
              
    
                5
                
    [Email Incident Response steps](https://gist.github.com/robert-moses/f2a27d75779d1cfc4759b7bf75940520#office365-how-to-investigate-email-account-comprimise-or-suspicions-messages)
    
              
    
          
    
    
    
  
    

    2. 

      
  2. 
  
    
    
    
      
    
        
    
            
          IR-Procedures            Public
        
    
      
    


      
    
        IR Procedures Workspace
      
    

      
    
      
    
    
    
  
    

    3. 

      

  3. 
  
    
    
    
      
    
        
        nmap recon scanning        
    

          
    
              
    
                1
                
    # scan and get all output file formats
    
              
    
              
    
                2
                
    nmap –sT –oA Network_Topology –vv 192.168.0.0/24
    
              
    
              
    
                3
                
    #
    
              
    
              
    
                4
                
    # pull the "alive" host IPs from the output
    
              
    
              
    
                5
                
    grep open Network_Topology.gnmap | cut -d" " -f2 > Device_List.txt
    
              
    
          
    
    
    
  
    

    4. 

      
  4. 
  
    
    
    
      
    
        
    
            
          sysmon-config            Public
        
    
      
    

        
    
          Forked from ion-storm/sysmon-config
        
    

      
    
        Advanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
      
    

      
    
          
  
  Batchfile


          
            
    

            1
          
      
    
    
    
  
    

    5.