Azure/Azure-Sentinel-Notebooks external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Azure/Azure-Sentinel-Notebooks

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Azure/Azure-Sentinel-Notebooks)

Close

Azure / Azure-Sentinel-NotebooksView on GitHubMore

• External links
• Readme badge

Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.

☆616Oct 17, 2025Updated 4 months ago

Alternatives and similar repositories for Azure-Sentinel-Notebooks

Users that are interested in Azure-Sentinel-Notebooks are comparing it to the libraries listed below

• Azure / Azure-Sentinel

  View on GitHub
  Cloud-native SIEM for intelligent security analytics for your entire enterprise.
  ☆5,497Updated this week
• microsoft / msticpy

  View on GitHub
  Microsoft Threat Intelligence Security Tools
  ☆1,947Feb 10, 2026Updated 2 weeks ago
• OTRF / Microsoft-Sentinel2Go

  View on GitHub
  Microsoft Sentinel2Go is an open source project developed to expedite the deployment of a Microsoft Sentinel research lab.
  ☆586Jan 22, 2025Updated last year
• edoardogerosa / sentinel-attack

  View on GitHub
  Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
  ☆1,078Nov 28, 2024Updated last year
• reprise99 / Sentinel-Queries

  View on GitHub
  Collection of KQL queries
  ☆1,611Jan 29, 2026Updated last month
• microsoft / Microsoft-365-Defender-Hunting-Queries

  View on GitHub
  Sample queries for Advanced hunting in Microsoft 365 Defender
  ☆2,051Feb 17, 2022Updated 4 years ago
• rod-trent / SentinelKQL

  View on GitHub
  Azure Sentinel KQL
  ☆471Jul 28, 2025Updated 6 months ago
• wortell / AZSentinel

  View on GitHub
  PowerShell module for Azure Sentinel
  ☆233Aug 3, 2022Updated 3 years ago
• FalconForceTeam / FalconFriday

  View on GitHub
  Hunting queries and detections
  ☆883Oct 30, 2025Updated 4 months ago
• briandelmsft / SentinelAutomationModules

  View on GitHub
  The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel
  ☆277Jan 2, 2026Updated last month
• Bert-JanP / Hunting-Queries-Detection-Rules

  View on GitHub
  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt…
  ☆1,638Updated this week
• OTRF / Security-Datasets

  View on GitHub
  Re-play Security Events
  ☆1,723Mar 20, 2024Updated last year
• Azure / Microsoft-Defender-for-Cloud

  View on GitHub
  Welcome to the Microsoft Defender for Cloud community repository
  ☆1,882Feb 17, 2026Updated last week
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆804Jan 14, 2026Updated last month
• reprise99 / awesome-kql-sentinel

  View on GitHub
  A curated list of blogs, videos, tutorials, queries and anything else valuable to help you learn and master KQL and Microsoft Sentinel
  ☆239Feb 8, 2023Updated 3 years ago
• OTRF / infosec-jupyter-book

  View on GitHub
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆131Oct 17, 2020Updated 5 years ago
• rod-trent / SentinelPlaybooks

  View on GitHub
  ☆59Jul 18, 2024Updated last year
• microsoft / msticnb

  View on GitHub
  MSTIC Notebook Components
  ☆35Sep 4, 2025Updated 5 months ago
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,486Jan 12, 2026Updated last month
• OTRF / Blacksmith

  View on GitHub
  Building environments to replicate small networks and deploy applications
  ☆330Jan 9, 2026Updated last month
• ashwin-patil / blue-teaming-with-kql

  View on GitHub
  Repository with Sample KQL Query examples for Threat Hunting
  ☆217Sep 1, 2022Updated 3 years ago
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated last month
• LearningKijo / KQL

  View on GitHub
  Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint.
  ☆484Nov 22, 2024Updated last year
• cyb3rmik3 / KQL-threat-hunting-queries

  View on GitHub
  A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D…
  ☆758Aug 28, 2025Updated 6 months ago
• rod-trent / MustLearnKQL

  View on GitHub
  Code included as part of the MustLearnKQL blog series
  ☆1,146Jan 30, 2026Updated last month
• alexverboon / MDATP

  View on GitHub
  MDATP
  ☆456Jul 20, 2024Updated last year
• Intellisec-Solutions / Microsoft-Sentinel-SIGMA-Rules-Workbook

  View on GitHub
  ☆12Jul 15, 2022Updated 3 years ago
• Cloud-Architekt / AzureAD-Attack-Defense

  View on GitHub
  This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …
  ☆2,475Dec 31, 2025Updated 2 months ago
• OTRF / OSSEM

  View on GitHub
  Open Source Security Events Metadata (OSSEM)
  ☆1,287Feb 27, 2023Updated 3 years ago
• Azure / SimuLand

  View on GitHub
  Understand adversary tradecraft and improve detection strategies
  ☆712Mar 9, 2023Updated 2 years ago
• splunk / attack_range

  View on GitHub
  A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…
  ☆2,445Updated this week
• rod-trent / SentinelWorkbooks

  View on GitHub
  Workbooks for Azure Sentinel
  ☆63Aug 14, 2023Updated 2 years ago
• inodee / spl-to-kql

  View on GitHub
  The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…
  ☆44Nov 7, 2020Updated 5 years ago
• Azure / Stormspotter

  View on GitHub
  Azure Red Team tool for graphing Azure and Azure Active Directory objects
  ☆1,684Jan 8, 2024Updated 2 years ago
• microsoft / ASDET

  View on GitHub
  ☆19Sep 3, 2021Updated 4 years ago
• splunk / security_content

  View on GitHub
  Splunk Security Content
  ☆1,575Updated this week
• darkquasar / AzureHunter

  View on GitHub
  A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
  ☆789Oct 29, 2022Updated 3 years ago
• sbousseaden / EVTX-ATTACK-SAMPLES

  View on GitHub
  Windows Events Attack Samples
  ☆2,515Jan 24, 2023Updated 3 years ago
• Azure / Azure-Network-Security

  View on GitHub
  Resources for improving Customer Experience with Azure Network Security
  ☆920Feb 16, 2026Updated last week