iknowjason / GHOSTSPlaygroundLinks
A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.
☆19Updated last year
Alternatives and similar repositories for GHOSTSPlayground
Users that are interested in GHOSTSPlayground are comparing it to the libraries listed below
Sorting:
- Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…☆19Updated 6 months ago
- Mapping of open-source detection rules and atomic tests.☆193Updated last year
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated 2 years ago
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆204Updated 2 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆17Updated last year
- An index of publicly available and open-source threat detection rulesets.☆131Updated 9 months ago
- A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc…☆95Updated 3 months ago
- VirtualGHOST Detection Tool☆104Updated last month
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆137Updated 2 months ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆102Updated last year
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆119Updated last month
- Automation tool for Windows Deception Host Burn-In☆86Updated last year
- ☆74Updated 2 weeks ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆40Updated last year
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆102Updated 8 months ago
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…☆152Updated 2 years ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆35Updated last year
- MCP to help Defenders Detection Engineer Harder and Smarter☆118Updated last week
- 🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.☆82Updated 9 months ago
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆138Updated 2 months ago
- KQL queries for Incident Response☆14Updated 2 years ago
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆152Updated this week
- ☆120Updated 8 months ago
- A collection of various SIEM rules relating to malware family groups.☆70Updated last year
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆107Updated 2 years ago
- A public collection of detections designed to detect threats associated with the Okta WIC Platform.☆12Updated 3 weeks ago
- ☆50Updated last week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆80Updated 3 weeks ago
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆165Updated last month