☆43 · Oct 11, 2023 · Updated 2 years ago
Alternatives and similar repositories for MDEKit
Users who are interested in MDEKit are comparing it to the libraries listed below.
- ☆22 · Aug 29, 2023 · Updated 2 years ago
- Velociraptor Server hosted in Azure App Service ☆59 · Jun 4, 2025 · Updated 9 months ago
- ☆402 · Updated this week
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore ☆65 · Dec 26, 2022 · Updated 3 years ago
- Repository to publish sample use cases, templates, solutions, automations for Microsoft Defender Threat Intelligence (MDTI) product ☆80 · Sep 9, 2024 · Updated last year
- Hunting Queries for Defender ATP ☆83 · Dec 14, 2025 · Updated 2 months ago
- Programming Microsoft Sentinel book ☆25 · Dec 13, 2023 · Updated 2 years ago
- Azure AiTM Function PoC to phish Entra ID Credentials ☆28 · Nov 21, 2025 · Updated 3 months ago
- Threat Hunting query in Microsoft 365 Defender, XDR. Provide out-of-the-box KQL hunting queries - App, Email, Identity and Endpoint. ☆484 · Nov 22, 2024 · Updated last year
- This tool aims at parsing Microsoft Protection logs to provide relevant data to forensic analysts during incident responses. ☆21 · Sep 30, 2022 · Updated 3 years ago
- Generate test data that is not only realistic but also contextually meaningful ☆27 · Jun 30, 2023 · Updated 2 years ago
- My MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated 10 months ago
- A WDAC configuration repository with the sole intention of enriching MDE ☆30 · Jun 18, 2025 · Updated 8 months ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … ☆432 · Feb 18, 2026 · Updated 2 weeks ago
- A curated list of blogs, videos, tutorials, code, tools, scripts, and anything useful to help you learn Azure Policy - by @JesseLoudon ☆13 · Jan 20, 2022 · Updated 4 years ago
- Random PowerShell scripts ☆13 · Feb 13, 2024 · Updated 2 years ago
- Microsoft Defender for Endpoint PowerShell module ☆12 · Dec 28, 2023 · Updated 2 years ago
- ☆11 · Jul 29, 2020 · Updated 5 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365… ☆64 · May 12, 2024 · Updated last year
- This is a simulation of attack by Fancy Bear group (APT28) targeting high-ranking government officials in Western Asia and Eastern Europe ☆38 · Jun 12, 2024 · Updated last year
- The EPSS Calculator is a user-friendly web application that calculates the EPSS (Exploit Prediction Scoring System) score based on a prov… ☆17 · Nov 11, 2024 · Updated last year
- GitHub action for validating Microsoft Sentinel detection rules ☆14 · May 22, 2023 · Updated 2 years ago
- 🛡️ Assign AD permissions via PowerShell templates — Simplify and standardize AD delegation with reusable PowerShell templates. ☆24 · Updated this week
- Automated Password Dumper for Web Browsers ☆16 · Mar 23, 2014 · Updated 11 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay. ☆15 · Jun 24, 2021 · Updated 4 years ago
- LNK to JSON ☆14 · Mar 7, 2019 · Updated 6 years ago
- Clean public password dump files and store in ELK ☆37 · Jan 24, 2018 · Updated 8 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce ☆15 · Oct 30, 2018 · Updated 7 years ago
- ☆35 · Mar 23, 2024 · Updated last year
- ☆89 · Dec 5, 2023 · Updated 2 years ago
- ☆61 · Jun 24, 2023 · Updated 2 years ago
- A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 D… ☆758 · Aug 28, 2025 · Updated 6 months ago
- ☆37 · Updated this week
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form ☆119 · Aug 19, 2025 · Updated 6 months ago
- A variation of CredBandit that uses compression to reduce the size of the data that must be transmitted. ☆19 · Jun 24, 2021 · Updated 4 years ago
- FireProx written in Go ☆20 · Apr 13, 2024 · Updated last year
- Root module for creating Tier Model / Delegation Model on Active Directory ☆20 · Aug 28, 2025 · Updated 6 months ago
- ☆17 · Jan 21, 2026 · Updated last month