A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
☆139Jul 23, 2021Updated 4 years ago
Alternatives and similar repositories for attack-guardduty-navigator
Users that are interested in attack-guardduty-navigator are comparing it to the libraries listed below
Sorting:
- ☆375Feb 23, 2024Updated 2 years ago
- Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)☆52Dec 26, 2022Updated 3 years ago
- Resource types that can be publicly exposed on AWS☆331Feb 23, 2022Updated 4 years ago
- AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …☆45Mar 5, 2021Updated 5 years ago
- ☆157Jul 8, 2023Updated 2 years ago
- ☆26Jun 22, 2022Updated 3 years ago
- PolicyGlass allows you to analyse one or more AWS policies' effective permissions in aggregate, by restating them in the form of PolicySh…☆60Jan 9, 2022Updated 4 years ago
- AWS docs, guides, and other tools☆75Feb 4, 2023Updated 3 years ago
- Assorted, MIT licensed, threat hunting rules from @bradleyjkemp☆14Mar 11, 2022Updated 3 years ago
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆189Feb 10, 2021Updated 5 years ago
- SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS☆108Mar 25, 2021Updated 4 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆15Dec 3, 2020Updated 5 years ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆23Jul 31, 2025Updated 7 months ago
- Detect Tactics, Techniques & Combat Threats☆2,268Jan 21, 2026Updated last month
- A python module for orchestrating content acquisitions and analysis via amazon ssm.☆58Nov 2, 2023Updated 2 years ago
- ☆18Dec 6, 2022Updated 3 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆386Apr 3, 2024Updated last year
- Monitor AWS Managed IAM Policies Changes☆493Updated this week
- Cobalt Strike log state tracking, parsing, and storage☆24Jul 18, 2019Updated 6 years ago
- Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.☆554Jul 13, 2025Updated 7 months ago
- Cloud Templates and scripts to deploy mordor environments☆129Mar 3, 2021Updated 5 years ago
- Built-in Panther detection rules and policies☆439Mar 2, 2026Updated last week
- A checklist of practices for organizations dealing with account takeover (ATO)☆276Oct 4, 2024Updated last year
- AWS Identity and Access Management Visualizer and Anomaly Finder☆297Jan 23, 2026Updated last month
- This implementation demonstrates the AWS Identity and Access Management (IAM) Access Analyzer policy validation capability. Learn how to …☆24Jun 16, 2022Updated 3 years ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- Open Cloud Security Posture Management Engine☆344Feb 19, 2022Updated 4 years ago
- This is a custom SSM agent which is sorta functional☆17Jul 5, 2021Updated 4 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 2 years ago
- Catalog Red Team techniques that cause popups in various macOS versions☆15Nov 18, 2024Updated last year
- Ekoparty's BlueSpace Keynote November 2021. Shoutout to @plugxor Muchas Gracias!!!☆13Jun 5, 2023Updated 2 years ago
- A Terraform module for GRR: the distributed incident forensics and response framework☆52May 6, 2020Updated 5 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,544Aug 2, 2024Updated last year
- Automated Attack Simulation in the Cloud, complete with detection use cases.☆605Nov 28, 2024Updated last year
- Blazing CloudTrail since 2018☆138Jan 27, 2019Updated 7 years ago
- ☆1,050Aug 22, 2025Updated 6 months ago
- OWASP Domain Protect - prevent subdomain takeover☆399Dec 23, 2024Updated last year
- ☆139Mar 29, 2023Updated 2 years ago