Stars
Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're diving into offensive strategies, mastering threat hunting, o…
A repository of KQL queries focused on threat hunting and threat detection for Microsoft Sentinel & Microsoft XDR (formerly Microsoft 365 Defender).
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
Collects LDAP Query Performance Events and analyzes them to CSV & Grid. Helps in identifying large or unusual LDAP queries, either for Threat Hunting or IT optimization.
Turn PuTTY into an SSH login bruteforcing tool.
Repository of attack and defensive information for Business Email Compromise investigations
A collection of resources for Threat Hunters
DFIRTrack - The Incident Response Tracking Application
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Small Python3 tool to check common vulnerabilities in SMTP servers
Create a local Kubernetes development environment on macOS or Windows and WSL2, including HTTPS/TLS and OAuth2/OIDC authentication.
AADInternals PowerShell module for administering Azure AD and Office 365
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Welcome to the Microsoft Defender for Cloud community repository
Repository with Sample KQL Query examples for Threat Hunting
All about ransomware notes and extension files.
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Guides, articles, and a lot of Azure Monitor information
Microsoft Sentinel SOC Operations
Python3 tool to perform password spraying against Microsoft Online service using various methods