O3-Cyber / azure-security-survival-kit
☆64Updated 5 months ago
Alternatives and similar repositories for azure-security-survival-kit:
Users that are interested in azure-security-survival-kit are comparing it to the libraries listed below
- ☆44Updated 2 weeks ago
- A collection of ARM-based detections for Azure/AzureAD based TTPs☆82Updated last year
- Microsoft Entra ID App Audit Solution (AADAppAudit)☆80Updated 5 months ago
- ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…☆57Updated last year
- Azure administrative tiering based on known attack paths☆49Updated this week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆65Updated 8 months ago
- Check you Sentinel environment using Pester infrastructure tests☆29Updated last year
- Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.☆144Updated 3 months ago
- Solution to deploy a Sentinel playground demo environment☆55Updated last year
- Collection of Microsoft Identity Threat Detection and Response resources.☆37Updated 3 weeks ago
- Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.☆81Updated this week
- Repository with supporting materials for Invictus Academy/Training☆41Updated 3 weeks ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆134Updated last month
- Sharing my KQL queries for Azure Sentinel☆147Updated this week
- ☆73Updated 7 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆59Updated last year
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆31Updated 3 months ago
- ☆36Updated last month
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆52Updated last year
- ☆41Updated 9 months ago
- GitHub action for validating Microsoft Sentinel detection rules☆12Updated last year
- Tool for creating reports on Entra ID Role Assignments☆90Updated 9 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆90Updated last year
- A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …☆185Updated 3 months ago
- Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!☆20Updated 5 months ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆25Updated 4 months ago
- A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri☆27Updated 4 months ago
- Ian Hanley's deceptively simple KQL queries.☆46Updated this week
- Repository hosting a static list of Microsoft First party apps and Graph permissions that's updated daily☆105Updated this week
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)☆139Updated last month