zha0 Goto Github PK

azure-activedirectory-library-for-python

ADAL for Python

azure-ad-incident-response-powershell-module

The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.

azure-functions-eop-poc

azure-red-team

Azure Security Resources and Notes

azure-sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

azure-sentinel-notebooks

Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

azure-sentinel2go

Azure Sentinel2Go is an open source project developed to expedite the deployment of an Azure Sentinel lab.

azure_workshop

azuread

A collection of Azure AD related scripts and automations

azuread-attack-defense

This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.

azureadexporter

PowerShell module to export a local copy of all Azure Active Directory configuration settings and objects.

azureadjoinedmachineptc

azureattackkit

Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information

azurec2relay

AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile.

azureforensics

azurehound

Azure Data Exporter for BloodHound

azurehunter

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

azureoutlookc2

Azure Outlook Command & Control. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP = Abuse Microsoft Graph API for C2 Operations.

azurert

AzureRT - A Powershell module implementing various Azure Red Team tactics

azuretokenextractor

Extracts Azure authentication tokens from PowerShell process minidumps. https://www.lares.com/blog/hunting-azure-admins-for-vertical-escalation-part-2/

babyos

自己动手实现一个玩具操作系统，名曰babyos。以baby为名，取其活泼、可爱之意。简单，却招人喜爱，幼稚，却又生机勃勃。

babyos2

a 32 bit Intel 386 toy os kernel

babyos3

a 64 bit linux like toy os kernel

backdoor-learning-resources

A list of backdoor learning resources

backdoors

Simple linux backdoors and hiding techniques

backdoors-1

Tools for maintaining access to systems and proof-of-concept demonstrations.

backstab

A tool to kill antimalware protected processes

backup-3gstudent.github.io

old blog

backup_dc_registry

A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY

backupoperatortoda

From an account member of the group Backup Operators to Domain Admin without RDP or WinRM on the Domain Controller