AzureHunter
Cloud forensics analyzer
A tool to analyze and mine cloud forensic data from Azure and O365 audit logs.
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
770 stars
22 watching
85 forks
Language: PowerShell
last commit: about 2 years ago
Topics: azforensics, azure, azure-forensics, azuresearcher, cloud-forensics, cybersecurity, dfir, digital-forensics, incident-response, powershellv5, threat-hunting, threathunting, unifiedauditlog
Related projects:
Repository | Description | Stars |
---|---|---|
securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell. | 148 |
t0pcyber/hawk | A PowerShell-based tool designed to facilitate forensic analysis in O365 environments by gathering and organizing relevant data. | 708 |
azure/cloud-katana | Automates security assessment and research in cloud-native environments using event-driven serverless computing | 250 |
google/cloud-forensics-utils | Tools for collecting and analyzing evidence from cloud platforms during incident response. | 465 |
deepfence/threatmapper | An application protection platform that monitors and analyzes cloud-native applications for vulnerabilities and threats. | 4,845 |
azure/stormspotter | A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. | 1,546 |
cmendible/azqr | Analyzes Azure resources to ensure compliance with best practices and recommendations | 0 |
azure/microsoft-defender-for-cloud | Provides tools and resources for programmatically managing cloud security with Microsoft Defender | 1,710 |
deepfence/yarahunter | Automated malware scanning tool for containers and filesystems using YARA ruleset | 1,268 |
fsecurelabs/azurite | Assists in auditing and penetration testing of Microsoft Azure cloud environments by collecting and visualizing deployment information. | 249 |
netevert/sentinel-attack | A tool to help rapidly deploy and utilize threat hunting capabilities on Azure Sentinel | 1,061 |
orlikoski/cdqr | A tool for analyzing forensic data from various devices and platforms | 334 |
mandiant/mandiant-azure-ad-investigator | A PowerShell module designed to detect potential security threats in Azure AD environments | 615 |
hausec/powerzure | A framework to assess and exploit resources within Azure cloud platform | 1,106 |
dark-kinga/cloudtools | A cloud asset management tool for detecting and managing cloud security vulnerabilities in various cloud services | 902 |