vstoms

Location: Averøya, Norway

Home Page: blog.stomsvik.com

vstoms's starred repositories

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

BlueTeam-Tools

Tools and Techniques for Blue Team / Incident Response

Blue-Team-Notes

You didn't think I'd go and leave the blue team out, right?

Digital-Forensics-Guide

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Language: Python | License: BSD-3-Clause | Stargazers: 1083 | Issues: 54 | Issues: 5

untitledgoosetool

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.

Language: Python | License: CC0-1.0 | Stargazers: 898 | Issues: 17 | Issues: 42

Azure-MG-Sub-Governance-Reporting

Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.

Language: PowerShell | License: MIT | Stargazers: 814 | Issues: 46 | Issues: 139

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Language: PowerShell | License: GPL-3.0 | Stargazers: 571 | Issues: 16 | Issues: 7

KQL

Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.

Copilot-For-Security

Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principles

Language: PowerShell | License: MIT | Stargazers: 375 | Issues: 14 | Issues: 7

BadZure

BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.

Language: PowerShell | License: Apache-2.0 | Stargazers: 368 | Issues: 12 | Issues: 3

CISSP-Study-Resources

CISSP Resources

License: Apache-2.0 | Stargazers: 358 | Issues: 20 | Issues: 0

ZigStarGW-MT

GUI wrapper designed for convenient service work with TI CC1352/CC2538/CC2652 based Zigbee sticks or gateways. Packed into single executable file

Language: Python | License: GPL-3.0 | Stargazers: 261 | Issues: 9 | Issues: 24

maester

The core repository for the Maester module with helper cmdlets that will be called from the Pester tests.

Language: HTML | License: MIT | Stargazers: 238 | Issues: 11 | Issues: 114

awesome-CISSP-CCSP

CISSP study material repository

License: MIT | Stargazers: 214 | Issues: 19 | Issues: 0

SentinelAutomationModules

The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel

Language: PowerShell | License: MIT | Stargazers: 199 | Issues: 11 | Issues: 278

csrgenerator.com

Flask micro-webapp to generate Certificate Signing Requests

Language: Python | License: MIT | Stargazers: 189 | Issues: 12 | Issues: 13

kc7

A cybersecurity game in Azure Data Explorer

Language: Python | License: Apache-2.0 | Stargazers: 158 | Issues: 13 | Issues: 24

MDEtester

MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.

Language: PowerShell | License: BSD-3-Clause | Stargazers: 142 | Issues: 6 | Issues: 2

Winget-AutoUpdate-Intune

WAUaaS daily updates apps as system and notify users. WAUaaS brings you WAU in a service like pattern that can be deployed and configured by Microsoft Intune (or other MDM solutions).

Language: PowerShell | License: MIT | Stargazers: 113 | Issues: 11 | Issues: 19

WindowsHardening

Intune configuration files for Windows 10 and 11 hardening

Stargazers: 90 | Issues: 0 | Issues: 0

Microsoft-Purview-Advanced-Rich-Reports-MPARR-Collector

Repository with all the MPARR components solution

Language: PowerShell | License: MIT | Stargazers: 82 | Issues: 13 | Issues: 44

AADAppAudit

Microsoft Entra ID App Audit Solution (AADAppAudit)

Language: JavaScript | License: MIT | Stargazers: 78 | Issues: 4 | Issues: 2

Language: PowerShell | Stargazers: 40 | Issues: 0 | Issues: 0

azuredevopsgenerator

Azure DevOps Generator Template repo

Language: PowerShell | License: MIT | Stargazers: 25 | Issues: 17 | Issues: 0

Language: PowerShell | Stargazers: 16 | Issues: 0 | Issues: 0

AutopilotTool

No more need to struggle to manually get, move and import the csv-file from another device. All you need to do is run the tool (Shift+F10 when you get to pick your keyboard layout), start Autopilot Tool and sign in to Azure (when you get prompted) with an administrative user. This works well with MFA!

Copilot4SecurityTools

Copilot for Security Tools

Language: PowerShell | License: MIT | Stargazers: 12 | Issues: 0 | Issues: 0