eshlomo1 / CloudSec

Related projects ⓘ

Alternatives and complementary repositories for CloudSec

• Bert-JanP / Sentinel-Automation
  Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
  ☆75Updated 2 months ago
• JeffMichelmore / MDEKit
  ☆40Updated last year
• eshlomo1 / Azure-AD-Incident-Response
  Azure AD Incident Response
  ☆24Updated 3 years ago
• soteria-security / MFArcade
  PowerShell script to create reports of M365 User Multi-factor Authentication Registration Status and Highlight MFA Related Conditional Ac…
  ☆12Updated 5 months ago
• invictus-ir / Invictus-training
  Repository with supporting materials for Invictus Academy/Training
  ☆35Updated last month
• Kaidja / EntraID
  Automation around Entra ID
  ☆34Updated 4 months ago
• jsa2 / CloudShellAadApps
  ☆26Updated last year
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆72Updated last week
• improsec / 2Cloudz
  ☆22Updated 2 years ago
• mr-r3b00t / KQL
  This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet
  ☆10Updated last year
• rootsecdev / Presentations
  Presentations from Conferences
  ☆26Updated last month
• DebugPrivilege / Research
  Repository that contains random short projects like write-ups, PowerShell scripts, and more.
  ☆26Updated this week
• jsa2 / aadcookiespoof
  Azure AD Identity Protection Cookie Spoofing
  ☆31Updated last year
• lkarlslund / azureimposter
  Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
  ☆24Updated last year
• jsa2 / AADAppAudit
  Microsoft Entra ID App Audit Solution (AADAppAudit)
  ☆80Updated 2 months ago
• f-bader / EntraIDAuditLogToMicrosoftGraph
  A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri
  ☆26Updated last month
• sap8899 / reportly
  Reportly is an AzureAD user activity report tool.
  ☆89Updated last year
• O3-Cyber / AzureADRoleMonitor
  ☆44Updated this week
• MHaggis / ASRGEN
  ASR Configurator, Essentials and Atomic Testing
  ☆36Updated last week
• secgroundzero / KQL_Reference_Manual
  ☆40Updated 3 years ago
• alexverboon / Hunting-Queries-Detection-Rules
  KQL Queries. Microsoft Defender, Microsoft Sentinel
  ☆109Updated last month
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆31Updated 6 months ago
• DarwinSec / DEFCON-KQL-KUNG-FU-22
  ☆18Updated 2 years ago
• SecurityAura / DE-TH-Aura
  Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…
  ☆37Updated last week
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆99Updated 4 months ago
• le0li9ht / Microsoft-Sentinel-Queries
  KQL queries for cyber defense and for solving daily issues
  ☆43Updated 3 weeks ago
• soteria-security / AzureInspect
  A series of PowerShell scripts to automate the assessment of Azure IaaS security
  ☆15Updated last week
• LearningKijo / ResearchDev
  ResearchDev - XDR & SIEM Detection
  ☆62Updated 3 weeks ago
• jsa2 / kql
  KQL for Azure Resource Manager and AppID search
  ☆22Updated 2 months ago