Skip to content

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

Notifications You must be signed in to change notification settings

kmcquade/awesome-azure-security

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Awesome Azure Security Awesome

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

Contribute

Contributions welcome! Read the contribution guidelines first.

Contents

Tools

Security Assessment Tools

  • Azucar: Security auditing tool for Azure environments. Windows only. stars
  • BloodHound: BloodHound uses graph theory to reveal hidden relationships and attack paths in an Active Directory environment that would otherwise be impossible to quickly identify. stars
  • ScoutSuite: Multi-Cloud Security auditing tool. stars
  • Steampipe: Instantly query your cloud, code, logs & more with SQL. Build on thousands of open-source benchmarks & dashboards for security & insights. stars
  • StormSpotter: Azure Red Team tool for graphing Azure and Azure Active Directory objects. stars

Offensive Tools

  • MicroBurst: a PowerShell Toolkit for Attacking Azure. stars
  • PowerZure: a PowerShell project created to perform reconnaissance and exploitation of Azure, AzureAD, and the associated resources. stars
  • ROADrecon: a tool for exploring information in Azure AD from both a Red Team and Blue Team perspective. stars

Infrastructure as Code Scanning Tools

  • Checkov: Terraform, Cloudformation and Kubernetes static analysis written in python. stars
  • Terraform Compliance for Azure: Steampipe module to check compliance of Terraform configurations to Azure security best practices. stars
  • tfsec: Provides static analysis of your terraform templates to spot potential security issues. stars

Other Tools

  • DumpsterDiver: Tool to search secrets in various filetypes like keys (e.g. AWS Access Key Azure Share Key or SSH keys) or passwords. stars

Threat Detection and Response

Audit Logging

  • Azure security logging and auditing: Azure provides a wide array of configurable security auditing and logging options to help you identify gaps in your security policies and mechanisms.

Native Alerting

Blog Posts

Offensive blog posts

Defensive blog posts

Training

Talks

Other key resources

About

A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.

Resources

Code of conduct

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •