Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-azure-security
A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.
https://github.com/kmcquade/awesome-azure-security
Last synced: 1 day ago
JSON representation
-
Training
- Awesome Azure Learning - azure-learning)](https://badgen.net/github/stars/ddneves/awesome-azure-learning)
- Awesome Azure Learning - azure-learning)](https://badgen.net/github/stars/ddneves/awesome-azure-learning)
- Azure AZ 500 Study Guide - AZ-500-Study-Guide)](https://badgen.net/github/stars/AzureMentor/Azure-AZ-500-Study-Guide)
- Azure AZ 500 Labs by Microsoft - AzureSecurityTechnologies)](https://badgen.net/github/stars/MicrosoftLearning/AZ500-AzureSecurityTechnologies)
- Breaking and Pwning Apps and Servers on AWS and Azure - and-pwning-apps-and-servers-aws-azure-training)](https://badgen.net/github/stars/appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training)
-
Uncategorized
-
Uncategorized
- Azure security logging and auditing
- Azure Security Center - Alerts Reference Guide
- Nuking all Azure Resource Groups under all Azure Subscriptions - wide god-mode Service Principals to nuke an entire Azure environment.
- Privilege Escalation and Lateral Movement on Azure
- Privilege Escalation in Azure AD
- Abusing Azure AD SSO with the Primary Refresh Token - long term tokens stored on your laptop or other AD connected resources - for Single Sign On (SSO) against on-prem and Azure AD connected resources. See Dirk-jan Mollema's blog goes over abusing these tokens, which you can access if you have code execution on a target or on your laptop that is Azure AD joined.
- Detect Azure network configuration mistakes with visualization using Flow Logs and Traffic Analytics
- Use Azure API Management and Keyvault to authorize based on API body values
- BloodHound
- ScoutSuite - Cloud Security auditing tool. [![stars](https://badgen.net/github/stars/nccgroup/ScoutSuite)](https://badgen.net/github/stars/nccgroup/ScoutSuite)
- Steampipe - source benchmarks & dashboards for security & insights. [![stars](https://badgen.net/github/stars/turbot/steampipe)](https://badgen.net/github/stars/turbot/steampipe)
- StormSpotter
- MicroBurst
- PowerZure
- ROADrecon
- Checkov
- Terraform Compliance for Azure - mod-terraform-azure-compliance)](https://badgen.net/github/stars/turbot/steampipe-mod-terraform-azure-compliance)
- DumpsterDiver
- Azucar
- tfsec
- Attacking Azure Cloud Shell - account command execution and privilege escalation.
-
Categories
Sub Categories
Keywords
azure
8
security
5
aws
4
terraform
4
gcp
3
compliance
3
devops
3
azure-security
2
steampipe
2
kubernetes
2
static-analysis
2
devsecops
2
infrastructure-as-code
2
cloud
2
aws-security
2
powershell
1
infosec
1
windows
1
azure-active-directory
1
azuread
1
microsoft-graph
1
python
1
zero-etl
1
sqlite
1
postgresql-fdw
1
postgresql
1
golang
1
etl
1
cspm
1
cnapp
1
cis
1
auditing
1
vulnerability-scanners
1
terraform-security
1
scanner
1
misconfiguration
1
linter
1
google-cloud-platform
1
go
1
digitalocean
1
ci
1
pentesting
1
penetration-testing
1
opensource
1
free
1
application-security
1
study-guide
1
microsoft-azure-security
1
exam
1
azure-learning
1