Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.
☆41, updated this week
Alternatives and similar repositories for security-investigator
Users interested in security-investigator are comparing it to the repositories listed below.
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice… (☆22, Jul 31, 2025, updated 6 months ago)
- (no description) (☆36, updated this week)
- Troubleshooting MDE Workstations (☆42, Jan 7, 2026, updated last month)
- (no description) (☆67, Jan 20, 2026, updated last month)
- A collection of Microsoft Sentinel workbooks and analytics rules. (☆111, Feb 8, 2024, updated 2 years ago)
- The collateral repository for The KQL Mysteries series (☆27, Mar 8, 2024, updated last year)
- (no description) (☆30, May 1, 2025, updated 9 months ago)
- Parse pfSense/OPNsense logs using Logstash, GeoIP-tag entities, add additional context to logs, then send to Azure Sentinel for analysis. (☆31, Feb 28, 2022, updated 3 years ago)
- Disclaimer: Please note that these materials are publicly available on several reference websites. These materials are not only the source … (☆13, Dec 31, 2023, updated 2 years ago)
- This repository is for code and documentation for Badge Engine, a Digital Promise technology (☆17, Dec 22, 2025, updated 2 months ago)
- IT Risk Management tools (☆14, Apr 4, 2025, updated 10 months ago)
- (no description) (☆12, Jun 9, 2021, updated 4 years ago)
- Assess Azure Security State (☆38, Jan 22, 2024, updated 2 years ago)
- The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel (☆277, Jan 2, 2026, updated last month)
- Conditional Access baseline for March 2025 (☆12, Mar 4, 2025, updated 11 months ago)
- Microsoft-Defender-for-IoT (☆14, May 26, 2025, updated 8 months ago)
- CloudQuery Provider for Azure (☆13, Aug 15, 2022, updated 3 years ago)
- (no description) (☆29, updated this week)
- (no description) (☆12, Apr 1, 2023, updated 2 years ago)
- An advanced AI-driven vulnerability scanner and penetration testing tool that integrates multiple AI providers (OpenAI, Grok, OLLAMA, Cla… (☆34, Nov 7, 2025, updated 3 months ago)
- (no description) (☆20, Dec 24, 2025, updated 2 months ago)
- Community project to classify, identify and protect your privileges based on the Enterprise Access Model (EAM) (☆203, updated this week)
- A simulation of an attack by the Cozy Bear group (APT29) targeting diplomatic missions (☆44, Jun 12, 2024, updated last year)
- (no description) (☆45, Apr 10, 2024, updated last year)
- (no description) (☆18, Jan 26, 2026, updated 3 weeks ago)
- (no description) (☆12, Feb 9, 2025, updated last year)
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of … (☆11, Mar 22, 2021, updated 4 years ago)
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… (☆129, Jan 11, 2026, updated last month)
- These Power BI dashboards help the security team analyze the KBs delivered monthly by Microsoft (☆14, Mar 9, 2022, updated 3 years ago)
- Repository for Intune reporting using Azure Monitor, Log Analytics and Azure Workbooks (☆54, Jun 21, 2024, updated last year)
- A modern, reactive, open source ACI GUI (☆18, Nov 17, 2016, updated 9 years ago)
- A lightweight Python tool to analyze PCAP files and generate network traffic reports. It detects traffic patterns, security concerns, and… (☆18, Sep 25, 2024, updated last year)
- SOAP is a free, online tool aimed at enabling civil society organisations and activist groups to build security policies that work for th… (☆16, Mar 23, 2024, updated last year)
- (no description) (☆16, Dec 7, 2025, updated 2 months ago)
- LLM-supported toolkit for Blue Team / SOC operations (☆45, Jan 10, 2026, updated last month)
- Librados Mailbox (☆10, Sep 1, 2016, updated 9 years ago)
- Knowledge base for reverse engineering and malware analysis (☆15, Jan 11, 2026, updated last month)
- brewpkg (☆17, Sep 30, 2025, updated 4 months ago)
- (no description) (☆11, Dec 28, 2025, updated last month)