AzureAD-Attack-Defense
Attack defense playbook
A collection of attack scenarios and mitigation strategies for Microsoft Entra ID
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
2k stars
80 watching
320 forks
Language: PowerShell
last commit: about 1 month ago
Linked from 1 awesome list
azureactivedirectoryitdrmicrosoftentraidmicrosoftsentinel
kyuu-ji/awesome-azure-pentestRelated projects:
| Repository | Description | Stars |
|---|---|---|
 azuread/azure-ad-incident-response-powershell-module | Provides tools to help respond to security incidents in Azure Active Directory by automating tasks and data retrieval. | 424 |
 azure/microsoft-defender-for-cloud | Provides tools and resources for programmatically managing cloud security with Microsoft Defender | 1,717 |
| azure/simuland | A collaboration to create realistic test environments for simulating real-world attacks and improving detection strategies. | 704 |
| azuread/azureadassessment | A toolset for assessing the state and configuration of Azure Active Directory tenants using PowerShell scripts. | 761 |
 datadog/stratus-red-team | Provides a tool to emulate offensive attack techniques in the cloud | 1,863 |
 trouble-1/vajra | A tool for simulating attacks on cloud environments such as Azure and AWS | 378 |
 trustoncloud/threatmodel-for-aws-s3 | An inventory of common attack scenarios on Amazon S3 storage and recommended countermeasures | 151 |
 center-for-threat-informed-defense/adversary_emulation_library | Provides a collection of plans to test defenses against real-world cyber threats. | 1,737 |
 deanofcyber/active-directory-penetration-testing-and-security | A collection of resources and documentation for testing and securing Active Directory environments | 30 |
 esonhugh/attack_code | An introductory article on cloud security and development, covering various aspects of cloud computing, including infrastructure, storage, deployment, and security. | 536 |
 ad-attacks/active-directory-penetration-testing | A comprehensive resource for learning and practicing penetration testing on Active Directory infrastructures | 16 |
 sergiomarotco/azure-devops-server-supply-chain-attack-tree | An attack tree model for identifying potential security vulnerabilities in an Azure DevOps Server supply chain. | 7 |
 mgeeky/azurert | A PowerShell module for interacting with Azure and Azure AD from an offensive perspective. | 227 |
| azure/azure-dev | A command-line interface tool for creating Azure applications and streamlining developer workflows. | 417 |
 mitre-atlas/arsenal | Provides tools and techniques for simulating AI-enabled system attacks in a controlled environment. | 85 |