Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.
☆204 · May 30, 2026 · Updated last week
Alternatives and similar repositories for security-investigator
Users that are interested in security-investigator are comparing it to the libraries listed below.
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice… ☆51 · Jun 2, 2026 · Updated last week
- ☆38 · Mar 2, 2026 · Updated 3 months ago
- Production-ready KQL queries for Microsoft Defender XDR and Microsoft Sentinel. Focused on Threat Hunting, Detection Engineering, and MIT… ☆102 · Jun 2, 2026 · Updated last week
- This repository contains various public projects created by the owners of Hybrid Brothers ☆21 · Nov 3, 2023 · Updated 2 years ago
- The EPSS Calculator is a user-friendly web application that calculates the EPSS (Exploit Prediction Scoring System) score based on a prov… ☆17 · Nov 11, 2024 · Updated last year
- The collateral repository for The KQL Mysteries series ☆28 · Mar 8, 2024 · Updated 2 years ago
- Cyber Threat Intelligence ☆80 · Dec 7, 2025 · Updated 6 months ago
- Manage and maintain Defender XDR custom collection configuration ☆39 · Nov 19, 2025 · Updated 6 months ago
- The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel ☆283 · Jan 2, 2026 · Updated 5 months ago
- Community project to classify, identify and protect your privileges based on the Enterprise Access Model (EAM) ☆274 · May 7, 2026 · Updated last month
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques ☆129 · Dec 28, 2025 · Updated 5 months ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore ☆65 · Dec 26, 2022 · Updated 3 years ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr… ☆65 · Mar 30, 2026 · Updated 2 months ago
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… ☆157 · Apr 1, 2026 · Updated 2 months ago
- ☆45 · Apr 10, 2024 · Updated 2 years ago
- MAES: M365 Analyzer & Extractor Suite Po ☆36 · May 4, 2026 · Updated last month
- Sentinel Recon Tools Workbook ☆14 · Aug 24, 2022 · Updated 3 years ago
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… ☆31 · Aug 4, 2025 · Updated 10 months ago
- Sharing my KQL queries for Azure Sentinel ☆219 · May 23, 2026 · Updated 2 weeks ago
- ☆70 · Apr 20, 2026 · Updated last month
- Sentinel Analytics Rule converter PowerShell module ☆70 · Feb 24, 2026 · Updated 3 months ago
- Troubleshooting MDE Workstations ☆43 · May 22, 2026 · Updated 2 weeks ago
- A collection of Microsoft Sentinel workbooks and analytics rules. ☆111 · Feb 8, 2024 · Updated 2 years ago
- Ian Hanley's deceptively simple KQL queries. ☆68 · Apr 10, 2026 · Updated last month
- These Power BI dashboards help the Security team analyze the KBs delivered monthly by Microsoft ☆14 · Mar 9, 2022 · Updated 4 years ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging Kusto queries, PowerShell scripts, tools such as … ☆468 · Feb 18, 2026 · Updated 3 months ago
- My MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- Interactive shells like PsExec, but in Go ☆16 · Apr 30, 2025 · Updated last year
- My personal work with Copilot for Security ☆203 · Jun 27, 2025 · Updated 11 months ago
- This is a PowerShell module to help implement the AD Tier Model ☆17 · Feb 17, 2026 · Updated 3 months ago
- This repo represents work the Phantom Community collaborates on to build apps and learn. ☆13 · May 18, 2021 · Updated 5 years ago
- Security Copilot resources ☆26 · Mar 3, 2026 · Updated 3 months ago
- Table of AD and Azure assets and whether they belong to Tier Zero ☆264 · Mar 2, 2026 · Updated 3 months ago
- Splunk TA for alert action to TheHive-project ☆11 · May 13, 2020 · Updated 6 years ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel ☆901 · Updated this week
- ☆48 · Feb 12, 2026 · Updated 3 months ago
- Guidance and collateral for troubleshooting and managing Azure Sentinel data costs. ☆28 · Oct 9, 2023 · Updated 2 years ago
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC ☆71 · Updated this week
- Discover gaps in Entra Conditional Access policies before attackers do ☆126 · Mar 23, 2026 · Updated 2 months ago