Permiso-io-tools / azure-activity-log-axe
Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leverages the "Axe Key," a method created by Nathan Eades of the Permiso P0 Labs team. The Axe Key provides a more consistent grouping of the transactional events of an operation than the traditional built-in Ids.
☆22 Updated 2 months ago
Related projects
Alternatives and complementary repositories for azure-activity-log-axe
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l… ☆17 Updated 2 months ago
- Repository with supporting materials for Invictus Academy/Training ☆37 Updated last month
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… ☆16 Updated 3 weeks ago
- Anvilogic Forge ☆86 Updated this week
- Repository that contains a set of purposefully erroneous Yara rules. ☆48 Updated 10 months ago
- Presentations from Conferences ☆26 Updated 2 months ago
- Tool for obfuscating and deobfuscating data. ☆64 Updated 8 months ago
- A PoC to Simulate Ransomware Attack on AWS Environment ☆28 Updated last month
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas. ☆31 Updated 6 months ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆25 Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft ☆43 Updated last month
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆100 Updated 4 months ago
- ASR Configurator, Essentials and Atomic Testing ☆36 Updated 3 weeks ago
- Tools for attacking Azure Function Apps ☆63 Updated 3 weeks ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆44 Updated last week
- Stupid Simple Detection Testing ☆12 Updated 8 months ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt… ☆16 Updated 5 months ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆27 Updated last month
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co… ☆18 Updated 3 months ago
- Defender Resource Hub ☆14 Updated last month
- Azure function to insert MISP data in to Azure Sentinel ☆30 Updated 2 years ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆62 Updated 6 months ago
- Baseline a Windows System against LOLBAS ☆25 Updated 6 months ago