iknowjason / GHOSTSPlaygroundLinks
A small security playground implementation of GHOSTS User Simulation framework with an Active Directory deployment and Elastic.
☆18Updated last year
Alternatives and similar repositories for GHOSTSPlayground
Users that are interested in GHOSTSPlayground are comparing it to the libraries listed below
Sorting:
- Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…☆18Updated 3 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆82Updated this week
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated last year
- Mapping of open-source detection rules and atomic tests.☆185Updated 10 months ago
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆202Updated this week
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆17Updated 10 months ago
- VirtualGHOST Detection Tool☆97Updated last year
- BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potentia…☆152Updated 2 weeks ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆106Updated last year
- Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…☆96Updated 2 months ago
- Online resources related to Detection Engineering. Detection rules, detection logic, attack samples, detection tests and emulation tools…☆126Updated 2 months ago
- An index of publicly available and open-source threat detection rulesets.☆129Updated 7 months ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆32Updated last year
- Automation tool for Windows Deception Host Burn-In☆86Updated 11 months ago
- ☆74Updated this week
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆329Updated 9 months ago
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆39Updated last year
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).☆117Updated last year
- Security Scripts and Sources for daily usage.☆67Updated last month
- WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale.☆150Updated 5 months ago
- Halberd : Multi-Cloud Agentic Attack Tool☆321Updated last week
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆317Updated last month
- KQL queries for Incident Response☆12Updated 2 years ago
- A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS ac…☆133Updated this week
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆107Updated last year
- God Mode Detection Rules☆134Updated last year
- Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconf…☆77Updated 8 months ago
- A comprehensive GenAI protection system designed to protect against malicious prompts, injection attacks, and harmful content. System inc…☆94Updated last month
- A Kubernetes Forensic Collection Framework for Azure Kubernetes Service☆38Updated 3 months ago
- Offensive Kubernetes Threat Matrix -- kubenomicon.com☆43Updated 3 months ago