andrewkrug / securing-the-cloud-supplemental
Supplemental templates for securing the cloud.
☆32Updated 6 months ago
Related projects: ⓘ
- ☆133Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆64Updated 6 months ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.☆122Updated last year
- Compilation of resources to help with Adversary Simulation automation harness☆99Updated 4 years ago
- ☆83Updated 2 years ago
- pocket guide for core detection engineering concepts☆27Updated last year
- Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…☆10Updated last month
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆49Updated 2 years ago
- ☆19Updated 2 years ago
- ☆23Updated last year
- Cloud Templates and scripts to deploy mordor environments☆127Updated 3 years ago
- ☆28Updated 3 years ago
- Identify Azure blobs using a wordlist of account name and container name strings☆31Updated 3 years ago
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"☆50Updated 2 years ago
- ☆167Updated last year
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆155Updated last month
- AWSATT&CK adds MITRE ATT&CK context and additional logging capabilities to Rhino Security Labs's open-source AWS exploitation framework, …☆45Updated 3 years ago
- Open Threat Hunting Framework☆100Updated last year
- This repo is where I store my Threat Hunting ideas/content☆85Updated last year
- Active Directory Purple Team Playbook☆103Updated last year
- Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation☆24Updated 4 months ago
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆136Updated 3 years ago
- Test case indexes☆35Updated 2 months ago
- ☆42Updated 3 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 4 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆58Updated 4 months ago
- ☆26Updated 2 years ago
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin…☆121Updated 4 months ago
- Simple parser to get useful information from AWS S3 logs☆24Updated 3 years ago