Alternatives and similar repositories for DEFCON-KQL-KUNG-FU-22:

Users that are interested in DEFCON-KQL-KUNG-FU-22 are comparing it to the libraries listed below

• improsec / 2Cloudz
  ☆22Updated 2 years ago
• BreakingMhet / honeyzure
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆16Updated 9 months ago
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆16Updated 3 months ago
• DefensiveOrigins / DO-LAB
  ☆46Updated last week
• BloodHoundAD / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆26Updated last year
• AlrikRr / ActiveDirectory_Lab
  Active DIrectory Lab for Pentesting Practice
  ☆24Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated last year
• NVISOsecurity / nviso-cti
  ☆41Updated 11 months ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 4 months ago
• lkarlslund / azureimposter
  Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
  ☆25Updated 2 years ago
• brokensound77 / LoFP
  Living off the False Positive!
  ☆34Updated last month
• EspressoCake / MITRE_ATTACK_CLI
  CLI Search for Security Operators of MITRE ATT&CK URLs
  ☆16Updated 2 years ago
• sleeptok3n / RoleCrawl
  ☆20Updated last year
• HillsyCyberSec / CheatSheet
  ☆10Updated 7 months ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆44Updated last year
• ManuelBerrueta / urlyzer
  urlyzer is a URL parsing analysis tool.
  ☆21Updated 7 months ago
• joswr1ght / nmapsilent
  Convert Nmap output for integration with other Project Discovery tools
  ☆14Updated last year
• techBrandon / CAPs
  Scripts to enumerate and report on Entra Conditional Access
  ☆27Updated 6 months ago
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆47Updated 3 years ago
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆51Updated last year
• RedTeamOperations / GoogleWorkspaceDirectoryDump
  ☆16Updated 2 years ago
• securityjoes / Crowdstrike-Deploy
  The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆22Updated 6 months ago
• init5-SF / CARTP-Scripts
  Random scripts that I used in the CARTP course lab & final exam.
  ☆10Updated last year
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆59Updated 2 years ago
• Securityinbits / cheatsheet
  These are some of the commands which I use frequently during Malware Analysis and DFIR.
  ☆24Updated last year
• 8com / bloodhound-adAnalysis
  Automation of Active Directory penetration testing tasks on top of BloodHound CE
  ☆34Updated last year
• LuemmelSec / SAML2Spray
  Python Script for SAML2 Authentication Passwordspray
  ☆37Updated last year
• redcanaryco / ansible-atomic-red-team
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆26Updated 8 months ago