Fabian Bader (f-bader)

Company: glueckkanja AG

Location: Hamburg, Germany

Home Page: https://cloudbrothers.info/en/

Twitter: @fabian_bader

Fabian Bader's repositories

TokenTacticsV2

A fork of the great TokenTactics with support for CAE and token endpoint v2

Language: PowerShell | License: BSD-3-Clause | Stargazers: 154 | Issues: 4 | Issues: 0

SentinelARConverter

Sentinel Analytics Rule converter PowerShell module

Language: PowerShell | License: MIT | Stargazers: 49 | Issues: 4 | Issues: 12

AzSentinelQueries

Repository with Sentinel Analytics Rules and Hunting Queries

SentinelPesterFramework

Check your Sentinel environment using Pester infrastructure tests

Language: PowerShell | Stargazers: 24 | Issues: 3 | Issues: 0

EntraIDAuditLogToMicrosoftGraph

A list of Entra ID (Azure AD) Audit event names and the corresponding Microsoft Graph Request Uri

License: MIT | Stargazers: 21 | Issues: 3 | Issues: 0

GPOReport

A PowerShell function to search for specific group policy settings in all GPOs in a large enterprise environment

Language: PowerShell | License: MIT | Stargazers: 10 | Issues: 2 | Issues: 1

EntraID-ErrorCodes

Entra ID (Azure AD) error codes as JSON

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Language: Jupyter Notebook | License: MIT | Stargazers: 2 | Issues: 1 | Issues: 0

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Language: Go | License: BSD-3-Clause | Stargazers: 2 | Issues: 1 | Issues: 0

monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews.

Language: PowerShell | License: Apache-2.0 | Stargazers: 2 | Issues: 1 | Issues: 0

PurpleElbeSecurityUserGroup

Purple Elbe Security User Group

Language: PowerShell | Stargazers: 2 | Issues: 0 | Issues: 0

CloudArchitektAzureSentinel

Sharing my KQL queries for Azure Sentinel

Language: PowerShell | Stargazers: 1 | Issues: 1 | Issues: 0

KQLAnalyzer

REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.

Language: C# | Stargazers: 1 | Issues: 1 | Issues: 0

MDE-AuditCheck

MDE relies on some of the Audit settings to be enabled

Language: PowerShell | Stargazers: 1 | Issues: 1 | Issues: 0

MDTI-Solutions

Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product

Language: Jupyter Notebook | License: MIT | Stargazers: 1 | Issues: 1 | Issues: 0

validate-detections

GitHub action for validating Microsoft Sentinel detection rules

Language: PowerShell | License: MIT | Stargazers: 1 | Issues: 1 | Issues: 0

AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365

Language: PowerShell | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

ATADocs

Public content repo for ATA documentation in OPS

Language: PowerShell | License: CC-BY-4.0 | Stargazers: 0 | Issues: 1 | Issues: 0
Language: PowerShell | License: CC-BY-4.0 | Stargazers: 0 | Issues: 2 | Issues: 0

BARK

BloodHound Attack Research Kit

Language: PowerShell | License: GPL-3.0 | Stargazers: 0 | Issues: 1 | Issues: 0

DefenderHarvester

Expose a lot of MDE telemetry that is not easily accessible in any searchable form

Language: Go | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

deviceCode2WinHello

A small script that automates Entra ID persistence with Windows Hello For Business key

Language: Python | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

FalconHound

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

Language: Go | License: BSD-3-Clause | Stargazers: 0 | Issues: 0 | Issues: 0

LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Language: XSLT | License: GPL-3.0 | Stargazers: 0 | Issues: 1 | Issues: 0

MDEASM-Solutions

Solutions developed by the MDEASM Customer Experience Engineering (CxE) Go-To Production (GTP) team for Azure MDEASM

Language: Jupyter Notebook | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0
Language: PowerShell | Stargazers: 0 | Issues: 1 | Issues: 0

microsoft-365-docs

This repo is used to host the source for the Microsoft 365 documentation on https://docs.microsoft.com.

Language: PowerShell | License: CC-BY-4.0 | Stargazers: 0 | Issues: 1 | Issues: 0

microsoft-info

Repository hosting a list of Microsoft First party apps

Language: PowerShell | License: MIT | Stargazers: 0 | Issues: 1 | Issues: 0

TokenTactics

Azure JWT Token Manipulation Toolset

Language: PowerShell | License: BSD-3-Clause | Stargazers: 0 | Issues: 1 | Issues: 0