Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.
☆187 · Apr 22, 2026 · Updated last week
Alternatives and similar repositories for security-investigator
Users that are interested in security-investigator are comparing it to the libraries listed below.
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice… ☆43 · Mar 23, 2026 · Updated last month
- ☆37 · Mar 2, 2026 · Updated last month
- some KQL Queries for Advanced Hunting ☆75 · Updated this week
- This repository contains various public projects created by the owners of Hybrid Brothers ☆21 · Nov 3, 2023 · Updated 2 years ago
- The EPSS Calculator is a user-friendly web application that calculates the EPSS (Exploit Prediction Scoring System) score based on a prov… ☆17 · Nov 11, 2024 · Updated last year
- The collateral repository for The KQL Mysteries series ☆27 · Mar 8, 2024 · Updated 2 years ago
- Cyber Threat Intelligence ☆79 · Dec 7, 2025 · Updated 4 months ago
- Manage and maintain Defender XDR custom collection configuration ☆35 · Nov 19, 2025 · Updated 5 months ago
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel ☆278 · Jan 2, 2026 · Updated 3 months ago
- Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM) ☆241 · Apr 14, 2026 · Updated 2 weeks ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore ☆65 · Dec 26, 2022 · Updated 3 years ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr… ☆65 · Mar 30, 2026 · Updated 3 weeks ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… ☆149 · Apr 1, 2026 · Updated 3 weeks ago
- ☆45 · Apr 10, 2024 · Updated 2 years ago
- MAES: M365 Analyzer & Extractor Suite Po ☆36 · Apr 16, 2026 · Updated last week
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… ☆30 · Aug 4, 2025 · Updated 8 months ago
- Sharing my KQL queries for Azure Sentinel ☆209 · Apr 22, 2026 · Updated last week
- Troubleshooting MDE Workstations ☆42 · Updated this week
- ☆69 · Apr 20, 2026 · Updated last week
- Sentinel Analytics Rule converter PowerShell module ☆68 · Feb 24, 2026 · Updated 2 months ago
- A collection of Microsoft Sentinel workbooks and analytics rules. ☆111 · Feb 8, 2024 · Updated 2 years ago
- Ian Hanley's deceptively simple KQL queries. ☆67 · Apr 10, 2026 · Updated 2 weeks ago
- This powerbi dashboards will help the Security team to analyze KBs, delivered monthly by Microsoft ☆14 · Mar 9, 2022 · Updated 4 years ago
- Interactive Shells like PsExec, but in Go ☆16 · Apr 30, 2025 · Updated 11 months ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as … ☆466 · Feb 18, 2026 · Updated 2 months ago
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- My personal work with Copilot for Security ☆199 · Jun 27, 2025 · Updated 10 months ago
- This is a powershell module to help implement the AD Tier Model ☆17 · Feb 17, 2026 · Updated 2 months ago
- This repo represents work the Phantom Community collaborates on to build apps and learn. ☆13 · May 18, 2021 · Updated 4 years ago
- ☆45 · Feb 12, 2026 · Updated 2 months ago
- Security Copilot resources ☆25 · Mar 3, 2026 · Updated last month
- Table of AD and Azure assets and whether they belong to Tier Zero ☆262 · Mar 2, 2026 · Updated last month
- Site to share several small PowerShell scripts built as a set of functions. ☆24 · Jul 25, 2025 · Updated 9 months ago
- Splunk TA for alert action to TheHive-project ☆11 · May 13, 2020 · Updated 5 years ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel ☆881 · Apr 19, 2026 · Updated last week
- Guidance and collateral for troubleshooting and managing Azure Sentinel data costs. ☆28 · Oct 9, 2023 · Updated 2 years ago
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC ☆68 · Updated this week
- Discover gaps in Entra Conditional Access policies before attackers do ☆114 · Mar 23, 2026 · Updated last month
- A preconfigured Velociraptor triage collector ☆76 · Apr 20, 2026 · Updated last week