Mandiant-Azure-AD-Investigator
Threat detector
A PowerShell module designed to detect potential security threats in Azure AD environments
615 stars
33 watching
89 forks
Language: PowerShell
last commit: over 1 year ago Related projects:
| Repository | Description | Stars |
|---|---|---|
| mandiant/capa-rules | A standard collection of rules for identifying capabilities in programs | 541 |
 netevert/sentinel-attack | A tool to help rapidly deploy and utilize threat hunting capabilities on Azure Sentinel | 1,061 |
| mandiant/capa | An executable file analysis tool that identifies capabilities and potential malicious behaviors. | 4,873 |
 mgeeky/azurert | A PowerShell module for interacting with Azure and Azure AD from an offensive perspective. | 227 |
 azuread/azure-ad-incident-response-powershell-module | Provides tools to help respond to security incidents in Azure Active Directory by automating tasks and data retrieval. | 421 |
 darkquasar/azurehunter | A tool to analyze and mine cloud forensic data from Azure and O365 audit logs. | 770 |
 spaceraccoon/manuka | A modular OSINT honeypot system that monitors and tracks reconnaissance attempts by threat actors to generate actionable intelligence for defenders. | 329 |
 miladaslaner/threathunt | A PowerShell repository to simulate and train threat hunting skills without malicious files. | 134 |
 netspi/microburst | A collection of scripts and functions to assess Microsoft Azure security from various attack vectors | 2,046 |
 psecio/canary | A security tool that enables input detection and response. | 30 |
 chainguard-dev/malcontent | A tool that detects and analyzes malicious software in various file formats and platforms | 445 |
 mhaggis/hunt-detect-prevent | A collection of resources and tools for detecting and preventing malicious activity on Windows systems. | 162 |
 infocyte/pshunt | A Powershell Threat Hunting Module designed to scan and survey remote endpoints for indicators of compromise or comprehensive system information. | 279 |
 fsecurelabs/azurite | Assists in auditing and penetration testing of Microsoft Azure cloud environments by collecting and visualizing deployment information. | 249 |
 d4stiny/peacemaker | A Windows kernel-mode utility designed to detect and analyze advanced malware techniques. | 417 |