Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!
☆21Aug 23, 2024Updated last year
Alternatives and similar repositories for KQL-and-Workbooks
Users that are interested in KQL-and-Workbooks are comparing it to the libraries listed below
Sorting:
- ☆11Oct 24, 2022Updated 3 years ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc…☆451Jun 16, 2023Updated 2 years ago
- Microsoft 365 Defender Hunting via PowerShell.☆14Feb 8, 2022Updated 4 years ago
- Random Powershell scripts☆13Feb 13, 2024Updated 2 years ago
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆40Feb 19, 2026Updated 2 weeks ago
- ☆42Nov 11, 2022Updated 3 years ago
- ☆18Jun 4, 2025Updated 9 months ago
- ☆61Jun 24, 2023Updated 2 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆208Jul 21, 2022Updated 3 years ago
- Additional resources to improve customer experience with Microsoft Defender for Identity☆121Sep 12, 2025Updated 5 months ago
- A technique for Active Directory domain persistence☆39May 31, 2023Updated 2 years ago
- Analyze Windows Firewall outbound blocks and selectively allow traffic☆70Dec 30, 2022Updated 3 years ago
- KQL for Azure Resource Manager and AppID search☆23Aug 15, 2024Updated last year
- ☆46Oct 27, 2023Updated 2 years ago
- Windows Security Descriptor Definition Language (SDDL) parser and formatter☆20Jun 8, 2020Updated 5 years ago
- MS Entra ID Protection Guidance☆22Apr 2, 2024Updated last year
- Extensible Azure Security Tool - Documentation☆83Jun 1, 2023Updated 2 years ago
- Tool to convert SDDL to readable text☆43Apr 25, 2018Updated 7 years ago
- Ludus range for the Constructing Defense Lab☆106Feb 23, 2026Updated 2 weeks ago
- Qemuno Framework☆24Sep 8, 2022Updated 3 years ago
- ☆43May 22, 2021Updated 4 years ago
- ☆47Nov 16, 2023Updated 2 years ago
- Collection of KQL queries☆1,611Jan 29, 2026Updated last month
- Defensive-oriented Active Directory enumeration☆23Jan 22, 2016Updated 10 years ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆23Aug 7, 2024Updated last year
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆323Oct 12, 2025Updated 4 months ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆60Oct 5, 2025Updated 5 months ago
- Everything about Active Directory in a hybrid infrastructure!☆27Dec 31, 2022Updated 3 years ago
- ☆66Jan 23, 2022Updated 4 years ago
- Tool to perform lateral movement between AAD joined devices☆65Jun 8, 2022Updated 3 years ago
- Tooling for assessing an Azure AD tenant state and configuration☆831Jun 12, 2024Updated last year
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 8 months ago
- PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph☆75Feb 27, 2026Updated last week
- General Content☆25Dec 23, 2025Updated 2 months ago
- Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos…☆65Apr 1, 2025Updated 11 months ago
- Powershell scripts to implement a Tier administration model in Active Directory☆31Sep 22, 2020Updated 5 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- Terraform config to spin up a domain controller and some member servers in azure☆33Apr 11, 2022Updated 3 years ago
- You wonder how to manage your travelers ? In this scenario we describe how to manage them with Identity Governance and Conditional Access…☆11Mar 20, 2024Updated last year