Andy's starred repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
APT_REPORT
Interesting APT Report Collection And Some Special IOC
AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
ICS-Security-Tools
Tools, tips, tricks, and more for exploring ICS Security.
awesome-soc
A collection of sources of documentation, as well as field best practices, to build/run a SOC
EventLogging
Automation scripts to deploy Windows Event Forwarding, Sysmon, and custom audit policies in an Active Directory environment.
Azure-AD-Incident-Response-PowerShell-Module
The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Product Group in conjunction with the Microsoft Detection and Response Team (DART), to assist in compromise response.
family-of-client-ids-research
Research into Undocumented Behavior of Azure AD Refresh Tokens
Sigma-Rules
A repository of my own Sigma detection rules.
TreeHouse-Wordlists
Wordlist for Hacking, Penetration Testing, Vulnerability Assessments and More
MicrosoftSentinelStuff
Misc. content for Microsoft Sentinel
Penetration-Testing-Helper-Scripts
Some scripts to improve the Quality of Life for a penetration tester when working