A cybersecurity game in Azure Data Explorer
☆175Jul 12, 2024Updated last year
Alternatives and similar repositories for kc7
Users that are interested in kc7 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Threat Hunting is time consuming enough as it is. Coming up with and tracking metrics to justify your hunt team to the Execs often takes…☆13Dec 7, 2022Updated 3 years ago
- Repo of KC7 challenge scenarios☆27Aug 30, 2025Updated 7 months ago
- MSTIC Notebook Components☆35Sep 4, 2025Updated 7 months ago
- Synapse Rapid Power-up for SinkDB☆11Jun 24, 2025Updated 9 months ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆18Mar 10, 2023Updated 3 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Repo with supporting material for the talk titled "Cracking the Beacon: Automating the extraction of implant configurations"☆11Feb 6, 2025Updated last year
- Home repo for documentation and links to resources☆12Jul 25, 2019Updated 6 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Aug 19, 2025Updated 7 months ago
- OSSEM Data Dictionaries☆65Jan 22, 2025Updated last year
- Open Source Platform for storing, organizing, and searching documents related to cyber threats☆170Nov 10, 2023Updated 2 years ago
- A repository of Sysmon For Linux configuration modules☆16Oct 14, 2021Updated 4 years ago
- ☆31Sep 4, 2023Updated 2 years ago
- Collection of KQL queries☆1,627Jan 29, 2026Updated 2 months ago
- ☆43May 22, 2021Updated 4 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- ☆19Sep 3, 2021Updated 4 years ago
- The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifa…☆648Nov 7, 2025Updated 5 months ago
- Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts…☆1,098Feb 25, 2026Updated last month
- Microsoft Threat Intelligence Security Tools☆1,955Mar 25, 2026Updated 2 weeks ago
- GitHub action for validating Microsoft Sentinel detection rules☆14May 22, 2023Updated 2 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆44Nov 7, 2020Updated 5 years ago
- python framework to parse logs for IR☆15May 2, 2021Updated 4 years ago
- Interactive Azure Sentinel Notebooks provides security insights and actions to investigate anomalies and hunt for malicious behaviors.☆618Oct 17, 2025Updated 5 months ago
- Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, tranings, articles, videos, etc☆601Dec 4, 2025Updated 4 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A Python library to help with some common threat hunting data analysis operations☆142Apr 23, 2023Updated 2 years ago
- Reportly is an AzureAD user activity report tool.☆96Aug 14, 2023Updated 2 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆51Sep 22, 2025Updated 6 months ago
- ☆262May 9, 2024Updated last year
- Jupyter notebooks for threat hunting☆60Mar 26, 2025Updated last year
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…☆55Dec 5, 2024Updated last year
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel☆277Jan 2, 2026Updated 3 months ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc…☆450Jun 16, 2023Updated 2 years ago
- Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL☆281Aug 28, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Powershell sandboxing utility☆19Mar 2, 2026Updated last month
- In this repository you may find KQL (Kusto Query Language) queries and Watchlist schemes for data sources related to Microsoft Sentinel (…☆138Mar 31, 2026Updated last week
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.☆787Mar 25, 2026Updated 2 weeks ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆90Sep 16, 2023Updated 2 years ago
- BlackBerry Threat Research & Intelligence☆99Oct 20, 2023Updated 2 years ago
- ☆68Mar 9, 2026Updated last month
- ☆615Jun 1, 2023Updated 2 years ago