Mandiant-Azure-AD-Investigator

Threat detector

A PowerShell module designed to detect potential security threats in Azure AD environments

GitHub

615 stars
33 watching
89 forks
Language: PowerShell
last commit: over 1 year ago

Related projects:

Repository Description Stars
mandiant/capa-rules A standard collection of rules for identifying capabilities in programs 541
netevert/sentinel-attack A tool to help rapidly deploy and utilize threat hunting capabilities on Azure Sentinel 1,061
mandiant/capa An executable file analysis tool that identifies capabilities and potential malicious behaviors. 4,885
mgeeky/azurert A PowerShell module for interacting with Azure and Azure AD from an offensive perspective. 227
azuread/azure-ad-incident-response-powershell-module Provides tools to help respond to security incidents in Azure Active Directory by automating tasks and data retrieval. 421
darkquasar/azurehunter A tool to analyze and mine cloud forensic data from Azure and O365 audit logs. 770
spaceraccoon/manuka A modular OSINT honeypot system that monitors and tracks reconnaissance attempts by threat actors to generate actionable intelligence for defenders. 329
miladaslaner/threathunt A PowerShell repository to simulate and train threat hunting skills without malicious files. 134
netspi/microburst A collection of scripts and functions to assess Microsoft Azure security from various attack vectors 2,051
psecio/canary A security tool that enables input detection and response. 30
chainguard-dev/malcontent A tool that detects and analyzes malicious software in various file formats and platforms 445
mhaggis/hunt-detect-prevent A collection of resources and tools for detecting and preventing malicious activity on Windows systems. 162
infocyte/pshunt A Powershell Threat Hunting Module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. 279
fsecurelabs/azurite Assists in auditing and penetration testing of Microsoft Azure cloud environments by collecting and visualizing deployment information. 249
d4stiny/peacemaker A Windows kernel-mode utility designed to detect and analyze advanced malware techniques. 417