Automated security investigation tool using Microsoft MCP Servers, GitHub Copilot, Python Modules and custom copilot-instructions.
☆199 · May 12, 2026 · Updated last week
Alternatives and similar repositories for security-investigator
Users that are interested in security-investigator are comparing it to the libraries listed below.
- An automation framework for deploying Microsoft Sentinel environments using pipelines. This project combines infrastructure-as-code (Bice… ☆50 · Updated this week
- ☆38 · Mar 2, 2026 · Updated 2 months ago
- some KQL Queries for Advanced Hunting ☆84 · May 12, 2026 · Updated last week
- This repository contains various public projects created by the owners of Hybrid Brothers ☆21 · Nov 3, 2023 · Updated 2 years ago
- The EPSS Calculator is a user-friendly web application that calculates the EPSS (Exploit Prediction Scoring System) score based on a prov… ☆17 · Nov 11, 2024 · Updated last year
- The collateral repository for The KQL Mysteries series ☆27 · Mar 8, 2024 · Updated 2 years ago
- Cyber Threat Intelligence ☆79 · Dec 7, 2025 · Updated 5 months ago
- Manage and maintain Defender XDR custom collection configuration ☆37 · Nov 19, 2025 · Updated 6 months ago
- The Microsoft Sentinel Triage AssistanT (STAT) makes it easy to create incident triage automation in Microsoft Sentinel ☆280 · Jan 2, 2026 · Updated 4 months ago
- Community project to classify, identify and protect your privileges based on the Enterprise Access Model (EAM) ☆264 · May 7, 2026 · Updated last week
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques ☆128 · Dec 28, 2025 · Updated 4 months ago
- MDE Quickstart is a battle-tested MDE policy set designed to be restored with Intune Backup & Restore ☆65 · Dec 26, 2022 · Updated 3 years ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr… ☆65 · Mar 30, 2026 · Updated last month
- KustoHawk is a lightweight incident triage and response tool designed for effective incident response in Microsoft Defender XDR and Micro… ☆153 · Apr 1, 2026 · Updated last month
- ☆45 · Apr 10, 2024 · Updated 2 years ago
- MAES: M365 Analyzer & Extractor Suite Po ☆36 · May 4, 2026 · Updated 2 weeks ago
- Sentinel Recon Tools Workbook ☆14 · Aug 24, 2022 · Updated 3 years ago
- KQLIntel is a browser-based tool that uses LLMs to convert threat intelligence reports into actionable Kusto Query Language (KQL) queries… ☆30 · Aug 4, 2025 · Updated 9 months ago
- Sharing my KQL queries for Azure Sentinel ☆209 · May 11, 2026 · Updated last week
- ☆69 · Apr 20, 2026 · Updated 3 weeks ago
- Sentinel Analytics Rule converter PowerShell module ☆69 · Feb 24, 2026 · Updated 2 months ago
- Troubleshooting MDE Workstations ☆43 · May 1, 2026 · Updated 2 weeks ago
- A collection of Microsoft Sentinel workbooks and analytics rules. ☆111 · Feb 8, 2024 · Updated 2 years ago
- Ian Hanley's deceptively simple KQL queries. ☆68 · Apr 10, 2026 · Updated last month
- These Power BI dashboards will help the Security team analyze the KBs delivered monthly by Microsoft ☆14 · Mar 9, 2022 · Updated 4 years ago
- A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as … ☆467 · Feb 18, 2026 · Updated 3 months ago
- my MSTICpy practice and custom tools repository ☆11 · Apr 23, 2025 · Updated last year
- Interactive Shells like PsExec, but in Go ☆16 · Apr 30, 2025 · Updated last year
- My personal work with Copilot for Security ☆200 · Jun 27, 2025 · Updated 10 months ago
- This is a PowerShell module to help implement the AD Tier Model ☆17 · Feb 17, 2026 · Updated 3 months ago
- Security Copilot resources ☆25 · Mar 3, 2026 · Updated 2 months ago
- Table of AD and Azure assets and whether they belong to Tier Zero ☆263 · Mar 2, 2026 · Updated 2 months ago
- Splunk TA for alert action to TheHive-project ☆11 · May 13, 2020 · Updated 6 years ago
- ☆45 · Feb 12, 2026 · Updated 3 months ago
- KQL Queries. Microsoft Defender, Microsoft Sentinel ☆886 · May 11, 2026 · Updated last week
- Guidance and collateral for troubleshooting and managing Azure Sentinel data costs. ☆28 · Oct 9, 2023 · Updated 2 years ago
- Repository for Software Certs for easy software blocking across corp environments, for example, using MDE IOC ☆70 · May 8, 2026 · Updated last week
- Discover gaps in Entra Conditional Access policies before attackers do ☆122 · Mar 23, 2026 · Updated last month
- Created by Ivan Quintanilla via the GitHub Connector ☆22 · Feb 17, 2025 · Updated last year