Mandiant-Azure-AD-Investigator
Threat detector
A PowerShell module designed to detect potential security threats in Azure AD environments
617 stars
33 watching
89 forks
Language: PowerShell
last commit: over 1 year ago

Related projects:
Repository | Description | Stars |
---|---|---|
mandiant/capa-rules | A standard collection of rules for identifying capabilities in programs | 549 |
netevert/sentinel-attack | A tool to quickly deploy a threat hunting capability on Azure Sentinel using Sysmon and MITRE ATT&CK | 1,062 |
mandiant/capa | An executable file analysis tool that identifies capabilities and potential malicious behaviors. | 4,944 |
mgeeky/azurert | A PowerShell module for interacting with Azure and Azure AD from an offensive perspective. | 227 |
azuread/azure-ad-incident-response-powershell-module | Provides tools to help respond to security incidents in Azure Active Directory by automating tasks and data retrieval. | 424 |
darkquasar/azurehunter | A tool to analyze and mine cloud forensic data from Azure and O365 audit logs. | 771 |
spaceraccoon/manuka | A modular OSINT honeypot system that monitors and tracks reconnaissance attempts by threat actors to generate actionable intelligence for defenders. | 330 |
miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
netspi/microburst | A collection of scripts and functions to assess Microsoft Azure security from various attack vectors | 2,068 |
psecio/canary | A security tool that enables input detection and response. | 30 |
chainguard-dev/malcontent | Tools for detecting and analyzing malware in software binaries | 468 |
mhaggis/hunt-detect-prevent | A collection of resources and tools for detecting and preventing malicious activity on Windows systems. | 162 |
infocyte/pshunt | A PowerShell threat hunting module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. | 280 |
fsecurelabs/azurite | Assists in auditing and penetration testing of Microsoft Azure cloud environments by collecting and visualizing deployment information. | 250 |
d4stiny/peacemaker | A Windows kernel-mode utility designed to detect and analyze advanced malware techniques. | 417 |