cybersecops Goto Github PK

awesome-incident-response

A curated list of tools for incident response

awesome-kape

A curated list of KAPE-related resources

awesome-kql-sentinel

A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel

awesome-malware-analysis

Defund the Police.

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

awesome-osint

:scream: A curated list of amazingly awesome OSINT

awesome-red-team-operations

awesome-threat-intel-rss

A curated list of Awesome Threat Intelligence blogs

awesome-yara

A curated list of awesome YARA rules, tools, and people.

awesome_threat-hunting

A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.

awesomekql

Azure Sentinel intrusion detection rules, recent exploits and lolbas :)

aws-automated-incident-response-and-forensics

aws-incident-response-playbooks

aws-log4j-mitigations

Mitigations (AWS WAF, Lambda@Edge/CloudFront Functions) to implement on AWS to attempt to prevent log4j exploitation.

aws-pentesting-lab

Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet

aws-secure-environment-accelerator

The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.

aws-security-analytics-bootstrap

AWS Security Analytics Bootstrap enables customers to perform security investigations on AWS service logs by providing an Amazon Athena analysis environment that's quick to deploy, ready to use, and easy to maintain.

aws-security-hub-automated-response-and-remediation

AWS Security Hub Automated Response and Remediation is an add-on solution that works with AWS Security Hub to provide a ready-to-deploy architecture and a library of automated playbooks. The solution makes it easier for AWS Security Hub customers to resolve common security findings and to improve their security posture in AWS.

aws-security-reference-architecture-examples

Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation and Customizations for AWS Control Tower.

aws_eks_cluster_forensics

AWS EKS Cluster Forensics

awsgoat

AWSGoat : A Damn Vulnerable AWS Infrastructure

azure-ad-incident-response-powershell-module

The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.

azure-defender-for-iot

Hands-on lab workshop, Azure Defender for IoT

azure-red-team

Azure Security Resources and Notes

azure-routeserver-anycast

Use Azure Route Server for multi-region Anycast load balancing within private networks

azure-sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

azure-sentinel-hive-playbook

Send High & New Incidents to The Hive incident management Platform

azure-sentinel-notebooks

Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

azure-sentinel2go

Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab.

azuread-attack-defense

This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.