Chan9390's Stars
sense-of-security/ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
tenable/access-undenied-aws
Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-sourced by Ermetic.
matanolabs/matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
AzureAD/AzureADAssessment
Tooling for assessing an Azure AD tenant state and configuration
Cloud-Architekt/AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
61106960/adPEAS
Powershell tool to automate Active Directory enumeration.
NetSPI/gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
ScaleSec/terraform_aws_scp
AWS Organizations Service Control Policies (SCPs) written in HashiCorp Terraform.
threatexpress/malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
ssh-mitm/ssh-mitm
SSH-MITM - ssh audits made simple
mondoohq/cnspec
An open source, cloud-native security to protect everything from build to runtime
lawndoc/Respotter
Respotter is a Responder honeypot. Detect Responder in your environment as soon as it's spun up.
hausec/PowerZure
PowerShell framework to assess Azure security
pushsecurity/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
rootsecdev/Azure-Red-Team
Azure Security Resources and Notes
OWASP/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
TracecatHQ/tracecat
The open source Tines / Splunk SOAR alternative for security engineers.
rebuy-de/aws-nuke
Nuke a whole AWS account and delete all its resources.
stackrox/stackrox
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.
easttimor/aws-incident-response
mvelazc0/BadZure
BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.
dafthack/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
zmallen/cloudtrail2sightings
Convert cloudtrail data to MITRE ATT&CK Sightings
primeharbor/aws-fast-fixes
Scripts to quickly fix security and compliance issues
FogSecurity/aws-default-encryption-tracker
Tracker for Encryption by Default for AWS Resources
zoph-io/aws-security-survival-kit
Bare minimum AWS Security Alerting and Configuration
awslabs/aws-security-analytics-bootstrap
AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.
DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud