andrewkrug / securing-the-cloud-supplemental
Supplemental templates for securing the cloud.
☆36Updated 4 months ago
Alternatives and similar repositories for securing-the-cloud-supplemental:
Users that are interested in securing-the-cloud-supplemental are comparing it to the libraries listed below
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆133Updated 2 years ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- Active Directory Purple Team Playbook☆106Updated last year
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆25Updated 11 months ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆200Updated 4 years ago
- ☆93Updated 2 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆55Updated 3 years ago
- Simple parser to get useful information from AWS S3 logs☆25Updated 3 years ago
- Build a attack range in your local machine☆131Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆110Updated 4 months ago
- Open Threat Hunting Framework☆112Updated last year
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆87Updated last year
- This repo is where I store my Threat Hunting ideas/content☆87Updated last year
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques☆184Updated 2 years ago
- ☆58Updated 2 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Updated 4 years ago
- Supporting materials for my "Intelligence-Led Adversarial Threat Modelling with VECTR" workshop☆67Updated last week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆70Updated 10 months ago
- Compilation of resources to help with Adversary Simulation automation harness☆99Updated 4 years ago
- Identify Azure blobs using a wordlist of account name and container name strings☆40Updated 3 weeks ago
- ☆23Updated last year
- ☆134Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 10 months ago
- Full of public notes and Utilities☆98Updated last month
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Purple Teaming Attack & Hunt Lab - Terraform☆158Updated 3 years ago
- Resources for SANS CTI Summit 2021 presentation☆102Updated last year
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆132Updated last year