Corissalea / KQL-and-WorkbooksView external linksLinks
Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!
☆21Aug 23, 2024Updated last year
Alternatives and similar repositories for KQL-and-Workbooks
Users that are interested in KQL-and-Workbooks are comparing it to the libraries listed below
Sorting:
- ☆11Oct 24, 2022Updated 3 years ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc…☆450Jun 16, 2023Updated 2 years ago
- Random Powershell scripts☆13Feb 13, 2024Updated 2 years ago
- Microsoft 365 Defender Hunting via PowerShell.☆14Feb 8, 2022Updated 4 years ago
- Check you Sentinel environment using Pester infrastructure tests☆31Sep 26, 2023Updated 2 years ago
- A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report.☆38Dec 22, 2025Updated last month
- ☆42Nov 11, 2022Updated 3 years ago
- ☆18Jun 4, 2025Updated 8 months ago
- ☆61Jun 24, 2023Updated 2 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆207Jul 21, 2022Updated 3 years ago
- Additional resources to improve customer experience with Microsoft Defender for Identity☆120Sep 12, 2025Updated 5 months ago
- A technique for Active Directory domain persistence☆39May 31, 2023Updated 2 years ago
- Analyze Windows Firewall outbound blocks and selectively allow traffic☆70Dec 30, 2022Updated 3 years ago
- KQL for Azure Resource Manager and AppID search☆23Aug 15, 2024Updated last year
- Extensible Azure Security Tool - Documentation☆83Jun 1, 2023Updated 2 years ago
- Windows Security Descriptor Definition Language (SDDL) parser and formatter☆19Jun 8, 2020Updated 5 years ago
- MS Entra ID Protection Guidance☆22Apr 2, 2024Updated last year
- ☆21May 8, 2022Updated 3 years ago
- ☆46Oct 27, 2023Updated 2 years ago
- Tool to convert SDDL to readable text☆42Apr 25, 2018Updated 7 years ago
- Qemuno Framework☆24Sep 8, 2022Updated 3 years ago
- ☆43May 22, 2021Updated 4 years ago
- ☆47Nov 16, 2023Updated 2 years ago
- ☆28Aug 19, 2020Updated 5 years ago
- Defensive-oriented Active Directory enumeration☆23Jan 22, 2016Updated 10 years ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆322Oct 12, 2025Updated 4 months ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆59Oct 5, 2025Updated 4 months ago
- Everything about Active Directory in a hybrid infrastructure!☆27Dec 31, 2022Updated 3 years ago
- ☆66Jan 23, 2022Updated 4 years ago
- Python tool to find vulnerable AD object and generating csv report☆26Jul 4, 2022Updated 3 years ago
- Tool to perform lateral movement between AAD joined devices☆66Jun 8, 2022Updated 3 years ago
- Tooling for assessing an Azure AD tenant state and configuration☆828Jun 12, 2024Updated last year
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 7 months ago
- PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph☆67Jan 30, 2026Updated 2 weeks ago
- Machine Interrogation To Identify Gaps & Techniques for Execution☆33Jul 12, 2022Updated 3 years ago
- General Content☆25Dec 23, 2025Updated last month
- Maintain Tier 0 users. This script take care all Tier 0 users are in the correct OU or in the default user container and add the Kerberos…☆65Apr 1, 2025Updated 10 months ago
- Powershell scripts to implement a Tier administration model in Active Directory☆31Sep 22, 2020Updated 5 years ago
- Ludus range for the Constructing Defense Lab☆74Nov 10, 2025Updated 3 months ago