Permiso-io-tools / azure-activity-log-axe
Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leverages the "Axe Key," a method created by Nathan Eades of the Permiso P0 Labs team. The Axe Key provides a more consistent grouping of the transactional events of an operation than the traditional built-in Ids.
☆22 Updated 2 months ago
Related projects
Alternatives and complementary repositories for azure-activity-log-axe
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft ☆42 Updated 3 weeks ago
- Repository that contains a set of purposefully erroneous Yara rules. ☆48 Updated 9 months ago
- ☆31 Updated this week
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l… ☆17 Updated 2 months ago
- Tool for obfuscating and deobfuscating data. ☆63 Updated 7 months ago
- Repository with supporting materials for Invictus Academy/Training ☆35 Updated last month
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… ☆16 Updated last week
- A PoC to Simulate Ransomware Attack on AWS Environment ☆26 Updated 3 weeks ago
- ☆22 Updated this week
- Permiso Security has created a tool to query snowflake environments for evidence of compromise, based on indicators from Permiso and the … ☆62 Updated 4 months ago
- ☆21 Updated this week
- Anvilogic Forge ☆86 Updated this week
- Presentations from Conferences ☆26 Updated last month
- Stupid Simple Detection Testing ☆11 Updated 8 months ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas. ☆31 Updated 6 months ago
- Independently deploy customized honeyservices in AWS to trigger alerts on unauthorized access. It utilizes a dedicated CloudTrail for pre… ☆43 Updated 6 months ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆51 Updated last year
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt… ☆16 Updated 5 months ago
- Silver SAML forgery tool ☆42 Updated 8 months ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆24 Updated last year
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs ☆36 Updated last month
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token ☆24 Updated last year
- ☆42 Updated 2 weeks ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆99 Updated 4 months ago
- Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations ☆78 Updated 3 months ago
- Azure AD Identity Protection Cookie Spoofing ☆31 Updated last year
- Tools for attacking Azure Function Apps ☆63 Updated 2 weeks ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi… ☆98 Updated last month
- Slides of my public talks ☆46 Updated 10 months ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on. ☆92 Updated 11 months ago