Enumerate Microsoft Entra ID (Azure AD) fast

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…

A Python based ingestor for BloodHound

A remote monitoring & management tool, built with Django, Vue and Go.

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Virtual whiteboard for sketching hand-drawn like diagrams

A collection of ARM-based detections for Azure/AzureAD based TTPs

Hunt for security weaknesses in Kubernetes clusters

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Code included as part of the MustLearnKQL blog series

Azure Red Team tool for graphing Azure and Azure Active Directory objects

Azure Security Resources and Notes

My NixOS configurations.

Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.

A simple HTTP proxy that fogs over naughty URLs

Collection of KQL queries

Microsoft Azure Exploitation Framework

A collection of scripts for assessing Microsoft Azure security

Automated diagrams of CDK provisioned infrastructure

Simple local scanner for vulnerable log4j instances

This repo has been replaced by https://www.cloudvulndb.org

Six Degrees of Domain Admin

Understand adversary tradecraft and improve detection strategies

Username enumeration and password spraying tool aimed at Microsoft O365.

Records actions made in the AWS Management Console and outputs the equivalent CLI/SDK commands and CloudFormation/Terraform templates.

Microsoft Threat Intelligence Security Tools