eshlomo1 / CloudSec

Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, or bolstering your blue-team defenses, this repo has you covered.

☆15

Related projects ⓘ

Alternatives and complementary repositories for CloudSec

eshlomo1 / Azure-AD-Incident-Response
Azure AD Incident Response
☆24Updated 3 years ago
JeffMichelmore / MDEKit
☆40Updated last year
invictus-ir / Invictus-training
Repository with supporting materials for Invictus Academy/Training
☆36Updated last month
MHaggis / ASRGEN
ASR Configurator, Essentials and Atomic Testing
☆36Updated 3 weeks ago
Bert-JanP / Sentinel-Automation
Sentinel Logic Apps/Playbooks to automate enrichment, incident analysis and more.
☆75Updated 3 months ago
microsoft / AzDetectSuite
A collection of ARM-based detections for Azure/AzureAD based TTPs
☆80Updated 11 months ago
FalconForceTeam / KQLAnalyzer
REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
☆31Updated 6 months ago
soteria-security / MFArcade
PowerShell script to create reports of M365 User Multi-factor Authentication Registration Status and Highlight MFA Related Conditional Ac…
☆12Updated 6 months ago
DefensiveOrigins / DO-LAB
☆43Updated last month
rootsecdev / Presentations
Presentations from Conferences
☆26Updated 2 months ago
0xAnalyst / DefenderATPQueries
Hunting Queries for Defender ATP
☆73Updated this week
jsa2 / CloudShellAadApps
☆26Updated last year
msdirtbag / ADXFlowmaster
ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.
☆27Updated 3 weeks ago
mr-r3b00t / KQL
This is for my crappy (but hopefully useful) MDE and Sentinel KQL queries! #KQLThePlanet
☆10Updated last year
le0li9ht / Microsoft-Sentinel-Queries
KQL queries for cyber defense and for solving daily issues
☆43Updated last month
secgroundzero / KQL_Reference_Manual
☆40Updated 3 years ago
jsa2 / aadcookiespoof
Azure AD Identity Protection Cookie Spoofing
☆31Updated last year
improsec / 2Cloudz
☆22Updated 2 years ago
center-for-threat-informed-defense / defending-iaas-with-attack
Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…
☆13Updated 8 months ago
Kaidja / EntraID
Automation around Entra ID
☆34Updated 4 months ago
alexverboon / Hunting-Queries-Detection-Rules
KQL Queries. Microsoft Defender, Microsoft Sentinel
☆110Updated this week
rod-trent / SentinelPlaybooks
☆53Updated 4 months ago
SecureHats / Sentinel-playground
Solution to deploy a Sentinel playground demo environment
☆55Updated last year
ugurkocde / KQL-Search
☆30Updated last year
lkarlslund / azureimposter
Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token
☆24Updated last year
securityjoes / Crowdstrike-Deploy
The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.
☆22Updated 3 months ago
olafhartong / WDACme
A WDAC configuration repository with the sole intention of enriching MDE
☆27Updated last year
f-bader / EntraIDAuditLogToMicrosoftGraph
A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri
☆26Updated last month
Neo23x0 / Talks
Slides of my public talks
☆46Updated 11 months ago