Azure-DevOps-server-supply-chain-attack-tree
Attack model
An attack tree model for identifying potential security vulnerabilities in an Azure DevOps Server supply chain.
Azure DevOps server supply-chain attack tree (map, Attack surface, threat modeling)
7 stars
2 watching
3 forks
last commit: almost 2 years ago attack-treeattack-treesazure-devopsazure-devops-serversupply-chain
Related projects:
| Repository | Description | Stars |
|---|---|---|
 sbasu7241/aws-threat-simulation-and-detection | This repository documents the simulation and detection of various AWS attack scenarios using Stratus Red Team and SumoLogic for logging and analysis. | 282 |
 azure/simuland | A collaboration to create realistic test environments for simulating real-world attacks and improving detection strategies. | 703 |
 chong-z/tree-ensemble-attack | An approach to create adversarial examples for tree-based ensemble models | 22 |
| azure/stormspotter | A tool for analyzing and visualizing Azure objects to help security teams understand potential attack surfaces. | 1,546 |
 stevespringett/threatmodel-sdk | A Java library for parsing and using threat model data in a standardized way | 79 |
 devsecops/raindance | A framework to simplify attack mapping and security modeling in software development | 46 |
 jlopp/physical-bitcoin-attacks | Compiles known physical attacks on Bitcoin and cryptocurrency owners | 577 |
 lightspin-tech/lightspin-2022-top-7-attack-paths | Compiles research on cloud security trends and attack paths | 39 |
 indeedops/shadowbuster | An attack mapping application that visualizes real-time events and pushes them to the front end via websockets. | 79 |
 r3dxpl0it/cve-2018-4407 | Exploits a heap buffer overflow vulnerability in the XNU operating system kernel to cause a denial-of-service attack on iOS and macOS devices. | 35 |
 attackercan/burp-xss-sql-plugin | Automated tool for detecting cross-site scripting (XSS) and SQL injection vulnerabilities in web applications. | 44 |
 trustoncloud/threatmodel-for-aws-s3 | An inventory of common attack scenarios on Amazon S3 storage and recommended countermeasures | 151 |
 cloud-architekt/azuread-attack-defense | A collection of attack scenarios and mitigation strategies for Microsoft Entra ID | 2,149 |
 voulnet/barq | An AWS-focused post-exploitation framework that enables attackers to compromise running EC2 instances without needing original credentials. | 386 |
 tomac/yersinia | A framework for creating Layer 2 attacks to disrupt Spanning Tree protocols. | 722 |