LouisMastelinck / LouSecInatorLinks
This project contains a **test executable** specifically designed to trigger incidents in **Microsoft Defender for Endpoint (MDE)**. It was created in my personal time as a demonstration tool to support discussions, workshops, and hands-on labs around **incident response and investigation techniques**.
☆14Updated 6 months ago
Alternatives and similar repositories for LouSecInator
Users that are interested in LouSecInator are comparing it to the libraries listed below
Sorting:
- This repo aims to help you decipher the UAL from a Digital Forensics & Incident Response (DFIR) perspective. The UAL is the Microsoft 365…☆63Updated last year
- MDE Tester is designed to help testing various features in Microsoft Defender for Endpoint.☆194Updated last year
- MAES: M365 Analyzer & Extractor Suite Po☆33Updated this week
- Tool for creating reports on Entra ID Role Assignments☆100Updated last year
- PowerShell-based Automation of Defender for Endpoint☆184Updated 7 months ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel�☆194Updated last month
- Repository with Sentinel Analytics Rules, Hunting Queries and helpful external data sources.☆137Updated last week
- A collection of Microsoft Sentinel workbooks and analytics rules.☆111Updated 2 years ago
- This repository contains various public projects created by the owners of Hybrid Brothers☆21Updated 2 years ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore☆65Updated 3 years ago
- Content Repo for Demystifying KQL Tutorial Series☆72Updated last year
- Azure administrative tiering based on known attack paths☆132Updated last week
- ☆20Updated last year
- ☆54Updated this week
- ☆38Updated last year
- ☆66Updated 3 weeks ago
- Random Powershell scripts☆13Updated 2 years ago
- Simple hunting script for suspicious M365 OAuth Apps☆320Updated 4 months ago
- Sentinel Logic Apps, Playbooks and Workbooks to automate enrichment, incident analysis and more.☆115Updated 3 weeks ago
- The "Monash Enterprise Access Model" (MEAM) is a model for tiering Active Directory that builds heavily on the Microsoft Enterprise Acces…☆136Updated last year
- Sentinel Analytics Rule converter PowerShell module☆65Updated last month
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆61Updated 6 months ago
- KQL Queries☆30Updated this week
- ☆21Updated 2 years ago
- The purpose of this repository is to share KQL queries to help identify security misconfigurations, hunt for specific patterns, or detect…☆68Updated 2 weeks ago
- Microsoft 365 Security Assessment Tool - A Easy-To-Use Microsoft 365 Security Assessment Tool☆170Updated 9 months ago
- A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged object…☆310Updated this week
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆16Updated 3 months ago
- ☆39Updated 5 months ago
- ☆373Updated this week