Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.
☆53Mar 16, 2026Updated this week
Alternatives and similar repositories for security-investigator
Users that are interested in security-investigator are comparing it to the libraries listed below
Sorting:
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice…☆23Jul 31, 2025Updated 7 months ago
- Troubleshooting MDE Workstations☆42Jan 7, 2026Updated 2 months ago
- ☆67Mar 9, 2026Updated last week
- The collateral repository for The KQL Mysteries series☆26Mar 8, 2024Updated 2 years ago
- ☆37Mar 2, 2026Updated 2 weeks ago
- Knowledge base for reverse engineering and malware analysis☆15Jan 11, 2026Updated 2 months ago
- some KQL Queries for Advanced Hunting☆70Updated this week
- ☆12Apr 1, 2023Updated 2 years ago
- Assess Azure Security State☆38Jan 22, 2024Updated 2 years ago
- ☆30Updated this week
- Parse pfSense/OPNSense logs using Logstash, GeoIP tag entities, add additional context to logs, then send to Azure Sentinel for analysis.☆31Feb 28, 2022Updated 4 years ago
- A repository to store community malware research notes and findings.☆15Feb 13, 2026Updated last month
- The Microsoft Sentinel Triage AssistanT (STAT) enables easy to create incident triage automation in Microsoft Sentinel☆276Jan 2, 2026Updated 2 months ago
- ☆18Jul 13, 2022Updated 3 years ago
- A collection of Microsoft Sentinel workbooks and analytics rules.☆111Feb 8, 2024Updated 2 years ago
- ☆12Feb 9, 2025Updated last year
- Ian Hanley's deceptively simple KQL queries.☆67Dec 27, 2025Updated 2 months ago
- ☆13Feb 18, 2024Updated 2 years ago
- Miscellaneous Azure Sentinel files that don't fall into other categories.☆13Aug 23, 2021Updated 4 years ago
- ☆11Aug 23, 2021Updated 4 years ago
- Sentinel Analytics Rule converter PowerShell module☆67Feb 24, 2026Updated 3 weeks ago
- Tools and scripts that are useful with the Microsoft Entra ID, M365, and Azure cloud☆15Aug 29, 2025Updated 6 months ago
- ☆56Mar 3, 2026Updated 2 weeks ago
- Repository with Hunting and Detection Queries for Microsoft Sentinel and Microsoft Defender XDR☆16Nov 7, 2025Updated 4 months ago
- Repository for Intune Reporting using Azure Monitor, Log Analytics and Azure Workbooks☆54Jun 21, 2024Updated last year
- This repository provides a comprehensive Digital Footprint Checklist to help individuals manage their online presence and enhance privacy…☆17Dec 25, 2024Updated last year
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro…☆136Jan 11, 2026Updated 2 months ago
- ☆16Sep 21, 2025Updated 5 months ago
- ☆24Feb 18, 2025Updated last year
- ☆48Jun 6, 2025Updated 9 months ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Aug 12, 2025Updated 7 months ago
- ☆45Apr 10, 2024Updated last year
- IT Risk Management tools☆14Apr 4, 2025Updated 11 months ago
- A yara based MCP Server☆22Mar 9, 2026Updated last week
- Solutions for the Master Azure Bicep udemy course☆19Jun 29, 2025Updated 8 months ago
- Sharing my KQL queries for Azure Sentinel☆208Feb 9, 2026Updated last month
- This is a simulation of attack by the Cozy Bear group (APT-29) targeting diplomatic missions☆44Jun 12, 2024Updated last year
- A PowerShell implementation of Claude Code: agent loop + tools + permissions.☆66Feb 7, 2026Updated last month
- ☆23Jan 29, 2024Updated 2 years ago