Lists (17)
Sort Name ascending (A-Z)
Stars
Cloud Offensive Breach and Risk Assessment (COBRA) Tool
Analyses Azure AD users to make recommendations on how to improve each user's MFA configuration. Can target a group by ObjectId or analyse all users in a tenant. Can add user-specific location info…
Automation to assess the state of your M365 tenant against CISA's baselines
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
AzureGoat : A Damn Vulnerable Azure Infrastructure
PowerShell framework to assess Azure security
A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Configurations for the GraphAPI with recommendations for Azure AD Conditional Access Policies, Groups, Endpoint Manager (Intune) Application and Device Policies, in an Azure DevOps CI/CD Pipeline
Validate and translate regular Tabular models in Push Datasets, also providing helper functions to clear, populate, and simulate real-time transactions.
Additional resources to improve customer experience with Microsoft Defender for Identity
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
AADInternals PowerShell module for administering Azure AD and Office 365
PowerShell module for Office 365 and Azure log collection
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Warning lists to inform users of MISP about potential false-positives or other information in indicators
Completed project for Build Python apps with Microsoft Graph
kubeaudit helps you audit your Kubernetes clusters against common security controls
Tool for auditing RBACs in Kubernetes
Kubernetes Security - Best Practice Guide
Kubernetes security notes and best practices
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Kubernetes Security Training Platform - focusing on security mitigation
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…
A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.
500+ PowerShell sample scripts (.ps1) for every system!