iknowjason / GHOSTSPlaygroundLinks
A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.
☆19Updated last year
Alternatives and similar repositories for GHOSTSPlayground
Users that are interested in GHOSTSPlayground are comparing it to the libraries listed below
Sorting:
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated last year
- Mapping of open-source detection rules and atomic tests.☆192Updated 11 months ago
- Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…☆19Updated 5 months ago
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆18Updated last year
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆204Updated last month
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆84Updated 3 weeks ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆137Updated last month
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆102Updated last year
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆153Updated 2 months ago
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…☆152Updated 2 years ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆34Updated last year
- An index of publicly available and open-source threat detection rulesets.☆131Updated 8 months ago
- ☆119Updated 7 months ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆102Updated 7 months ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆107Updated 2 years ago
- Automation tool for Windows Deception Host Burn-In☆86Updated last year
- A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc…☆95Updated 2 months ago
- ☆169Updated 3 months ago
- VirtualGHOST Detection Tool☆101Updated last month
- Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…☆98Updated 3 months ago
- Automating Security Detection Engineering, published by Packt☆65Updated last year
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆139Updated last month
- A collection of various SIEM rules relating to malware family groups.☆70Updated last year
- A public collection of detections designed to detect threats associated with the Okta WIC Platform.☆10Updated this week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆81Updated this week
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆119Updated 2 weeks ago
- A Kubernetes Forensic Collection Framework for Azure Kubernetes Service☆39Updated 4 months ago
- A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats.☆19Updated 2 years ago
- NOVA: The Prompt Pattern Matching☆62Updated 2 months ago
- Halberd : Multi-Cloud Agentic Attack Tool☆328Updated 2 weeks ago