andrewkrug / securing-the-cloud-supplemental

Related projects: ⓘ

• SygniaLabs / security-cloud-scout
  ☆133Updated last year
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆64Updated 6 months ago
• splunk / attack_range_cloud
  Attack Range to test detection against nativel serverless cloud services and environments
  ☆35Updated 3 years ago
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆122Updated last year
• timfrazier1 / AdversarySimulation
  Compilation of resources to help with Adversary Simulation automation harness
  ☆99Updated 4 years ago
• k-bailey / detection-engineering-maturity-matrix
  ☆83Updated 2 years ago
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆27Updated last year
• iknowjason / CMLab
  Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…
  ☆10Updated last month
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆49Updated 2 years ago
• TareqAlKhatib / ATTACK_data_sources
  ☆19Updated 2 years ago
• karimelmel / cloud-security-bootcamp
  ☆23Updated last year
• OTRF / SimuLand
  Cloud Templates and scripts to deploy mordor environments
  ☆127Updated 3 years ago
• bengoerz / PurpleTeamDocs
  ☆28Updated 3 years ago
• joswr1ght / basicblobfinder
  Identify Azure blobs using a wordlist of account name and container name strings
  ☆31Updated 3 years ago
• ssnkhan / adversarial-threat-modelling
  Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
  ☆50Updated 2 years ago
• XMCyber / XMGoat
  ☆167Updated last year
• iknowjason / edge
  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.
  ☆155Updated last month
• blackbotsecurity / AWS-Attack
  AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …
  ☆45Updated 3 years ago
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆100Updated last year
• paladin316 / ThreatHunting
  This repo is where I store my Threat Hunting ideas/content
  ☆85Updated last year
• mvelazc0 / PurpleTeamPlaybook
  Active Directory Purple Team Playbook
  ☆103Updated last year
• Resistor52 / terraform-cloud-workstation
  Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation
  ☆24Updated 4 months ago
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆136Updated 3 years ago
• SecurityRiskAdvisors / indexes
  Test case indexes
  ☆35Updated 2 months ago
• DefensiveOrigins / DO-LAB
  ☆42Updated 3 months ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆75Updated 4 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆58Updated 4 months ago
• schwartz1375 / Threat-Hunting-in-AWS
  ☆26Updated 2 years ago
• center-for-threat-informed-defense / caldera_pathfinder
  Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…
  ☆121Updated 4 months ago
• joswr1ght / s3logparse
  Simple parser to get useful information from AWS S3 logs
  ☆24Updated 3 years ago