Alternatives and similar repositories for DEFCON-KQL-KUNG-FU-22

Users that are interested in DEFCON-KQL-KUNG-FU-22 are comparing it to the libraries listed below

• improsec / 2Cloudz
  ☆25Updated 3 years ago
• DefensiveOrigins / DO-LAB
  ☆47Updated last month
• securityjoes / Crowdstrike-Deploy
  The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
  ☆23Updated this week
• sleeptok3n / RoleCrawl
  ☆21Updated last year
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆18Updated 4 years ago
• Retrospected / PurpleKeep
  Providing Azure pipelines to create an infrastructure and run Atomic tests.
  ☆52Updated last year
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 7 months ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆51Updated 2 years ago
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆44Updated 2 years ago
• chipmanfu / Cyber-Range
  create a "simulated internet" cyber range environment
  ☆16Updated this week
• brokensound77 / LoFP
  Living off the False Positive!
  ☆37Updated 4 months ago
• AlrikRr / ActiveDirectory_Lab
  Active DIrectory Lab for Pentesting Practice
  ☆24Updated 2 years ago
• BloodHoundAD / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆27Updated last year
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆49Updated 3 years ago
• BreakingMhet / honeyzure
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆16Updated 11 months ago
• techBrandon / CAPs
  Scripts to enumerate and report on Entra Conditional Access
  ☆32Updated 3 weeks ago
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆16Updated 5 months ago
• Semperis / SilverSamlForger
  Silver SAML forgery tool
  ☆52Updated last year
• PwnDefend / Active_Directory_ADSI_Audit_Powershell
  blame Huy
  ☆42Updated 4 years ago
• elementalsouls / DumpLSASS
  ☆33Updated last year
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 2 years ago
• HillsyCyberSec / CheatSheet
  ☆10Updated 9 months ago
• invictus-ir / IOCs
  Invictus Threat Intelligence: IOCs and TTPs from blogs, research and more
  ☆11Updated last week
• MSAdministrator / goattck
  A Golang CLI for the MITRE ATT&CK Framework
  ☆12Updated last month
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• MHaggis / ShellSweep
  ShellSweeping the evil.
  ☆52Updated 11 months ago
• Atomics-on-A-Friday / Emulation-Tools
  ☆32Updated 2 years ago
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆42Updated last month
• lkarlslund / azureimposter
  Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
  ☆26Updated 2 years ago
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆39Updated last year