iknowjason / GHOSTSPlaygroundLinks
A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.
☆18Updated last year
Alternatives and similar repositories for GHOSTSPlayground
Users that are interested in GHOSTSPlayground are comparing it to the libraries listed below
Sorting:
- Mapping of open-source detection rules and atomic tests.☆176Updated 8 months ago
- Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…☆17Updated last month
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆78Updated 2 weeks ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆196Updated last year
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆117Updated 2 weeks ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆102Updated last year
- An index of publicly available and open-source threat detection rulesets.☆124Updated 5 months ago
- VirtualGHOST Detection Tool☆92Updated last year
- ☆146Updated this week
- ☆116Updated 3 months ago
- A tool that allows you to document and assess any security automation in your SOC☆47Updated 10 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆16Updated 8 months ago
- Automating Security Detection Engineering, published by Packt☆62Updated 11 months ago
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆147Updated last week
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆105Updated last year
- Security Scripts and Sources for daily usage.☆65Updated 3 months ago
- A collection of various SIEM rules relating to malware family groups.☆69Updated last year
- Finding ClickFix and FakeCAPTCHA like it's 1999☆58Updated this week
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆117Updated 11 months ago
- Anvilogic Forge☆107Updated this week
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated last year
- KQL queries for Incident Response☆12Updated last year
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆27Updated 9 months ago
- Generate a matrix based on an inventory of InfoSec tools☆23Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆147Updated last week
- Automation tool for Windows Deception Host Burn-In☆86Updated 9 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆128Updated last year
- TTPMapper is an AI-driven threat intelligence parser that converts unstructured reports whether from web URLs or PDF files into structure…☆45Updated 2 months ago
- ☆101Updated 2 months ago
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆78Updated 5 months ago