AzureHunter
Cloud forensics analyzer
A tool to analyze and mine cloud forensic data from Azure and O365 audit logs.
A Cloud Forensics PowerShell module to run threat hunting playbooks on data from Azure and O365
771 stars
22 watching
85 forks
Language: PowerShell
last commit: about 2 years ago
Topics: azforensics, azure, azure-forensics, azuresearcher, cloud-forensics, cybersecurity, dfir, digital-forensics, incident-response, powershellv5, threat-hunting, threathunting, unifiedauditlog
Related projects:
Repository | Description | Stars |
---|---|---|
securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell. | 149 |
t0pcyber/hawk | A PowerShell-based tool to gather information on O365 intrusions and potential breaches. | 722 |
azure/cloud-katana | Automates security assessment and research in cloud-native environments using event-driven serverless computing | 250 |
google/cloud-forensics-utils | Tools for collecting and analyzing evidence from cloud platforms during incident response. | 467 |
deepfence/threatmapper | An application protection platform that monitors and analyzes cloud-native applications for vulnerabilities and threats. | 4,861 |
azure/stormspotter | A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. | 1,555 |
cmendible/azqr | Analyzes Azure resources to ensure compliance with best practices and recommendations | 0 |
azure/microsoft-defender-for-cloud | Provides tools and resources for programmatically managing cloud security with Microsoft Defender | 1,717 |
deepfence/yarahunter | Automated malware scanning tool for containers and filesystems using YARA ruleset | 1,275 |
fsecurelabs/azurite | Assists in auditing and penetration testing of Microsoft Azure cloud environments by collecting and visualizing deployment information. | 250 |
netevert/sentinel-attack | A tool to quickly deploy a threat hunting capability on Azure Sentinel using Sysmon and MITRE ATT&CK | 1,062 |
orlikoski/cdqr | A tool for analyzing forensic data from various devices and platforms | 334 |
mandiant/mandiant-azure-ad-investigator | A PowerShell module designed to detect potential security threats in Azure AD environments | 617 |
hausec/powerzure | A framework to assess and exploit resources within Azure cloud platform | 1,119 |
dark-kinga/cloudtools | A cloud asset management tool for detecting and managing cloud security vulnerabilities in various cloud services | 915 |