Get started fast with a built out lab, built from scratch via Azure Resource Manager (ARM) and Desired State Configuration (DSC), to test out Microsoft's security products.
☆237Jun 25, 2020Updated 5 years ago
Alternatives and similar repositories for DefendTheFlag
Users that are interested in DefendTheFlag are comparing it to the libraries listed below
Sorting:
- CONVEX is a group of CTFs that are independently deployable into participant Azure environments.☆140May 16, 2022Updated 3 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,079Nov 28, 2024Updated last year
- Powershell module for Microsoft Cloud App Security☆86Aug 29, 2023Updated 2 years ago
- Azure Red Team tool for graphing Azure and Azure Active Directory objects☆1,689Jan 8, 2024Updated 2 years ago
- This repository is used to store the Azure Information Protection Deployment Acceleration Guide☆29May 31, 2019Updated 6 years ago
- SNIcat☆128Aug 19, 2021Updated 4 years ago
- Targeted Payload Execution☆100Apr 9, 2020Updated 5 years ago
- DEPRECATED -> GO TO https://github.com/microsoft/Microsoft-threat-protection-Hunting-Queries☆20Apr 22, 2020Updated 5 years ago
- Sample queries for Advanced hunting in Microsoft 365 Defender☆2,053Feb 17, 2022Updated 4 years ago
- Notebooks created to attack and secure Active Directory environments☆27Nov 18, 2019Updated 6 years ago
- This repo contains workshop material delivered at #nullcon2020☆16Mar 6, 2020Updated 6 years ago
- A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-pur…☆630Mar 21, 2025Updated 11 months ago
- Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 en…☆1,429Dec 27, 2022Updated 3 years ago
- Microsoft Flow Attack Framework☆23Nov 14, 2019Updated 6 years ago
- This script validates the most common Conditional Access policies in Microsoft 365.☆10May 27, 2024Updated last year
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 6 years ago
- Cloud Templates and scripts to deploy mordor environments☆129Mar 3, 2021Updated 5 years ago
- Building environments to replicate small networks and deploy applications☆330Jan 9, 2026Updated 2 months ago
- Execute Mimikatz with different technique☆51Nov 8, 2021Updated 4 years ago
- A collection of scripts for assessing Microsoft Azure security☆2,319Oct 29, 2025Updated 4 months ago
- This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …☆2,478Dec 31, 2025Updated 2 months ago
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,542Feb 5, 2026Updated last month
- ☆71Nov 20, 2020Updated 5 years ago
- Fetching data from system☆11Jun 18, 2017Updated 8 years ago
- This repository is for public files shared by the Microsoft Information Protection Team☆25Jan 6, 2021Updated 5 years ago
- An ELK environment containing interesting security datasets.☆136May 11, 2020Updated 5 years ago
- Re-play Security Events☆1,728Mar 20, 2024Updated last year
- Welcome to the Microsoft Defender for Cloud community repository☆1,885Updated this week
- ☆53Oct 20, 2020Updated 5 years ago
- Bloodhound Reporting for Blue and Purple Teams☆1,281Nov 15, 2025Updated 4 months ago
- PowerShell framework to assess Azure security☆1,261Oct 18, 2025Updated 5 months ago
- A toolkit to attack Office365☆1,116Nov 6, 2020Updated 5 years ago
- Cobalt Strike log state tracking, parsing, and storage☆24Jul 18, 2019Updated 6 years ago
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365☆790Oct 29, 2022Updated 3 years ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year
- Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.☆491Feb 16, 2019Updated 7 years ago
- Deploy customizable Active Directory labs in Azure - automatically.☆426Dec 5, 2024Updated last year
- Microsoft External Attack Tool☆178Dec 8, 2022Updated 3 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆148Sep 7, 2020Updated 5 years ago